Vendor
Status2k
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-5094 | 0.04 | — | 0.07 | Oct 20, 2014 | Status2k allows remote attackers to obtain configuration information via a phpinfo action in a request to status/index.php, which calls the phpinfo function. | ||
| CVE-2014-5090 | 0.03 | — | 0.06 | Aug 6, 2014 | admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the Location field in Add Logs in the Admin Panel. | ||
| CVE-2014-5089 | 0.03 | — | 0.01 | Aug 6, 2014 | SQL injection vulnerability in admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary SQL commands via the log parameter. | ||
| CVE-2014-5088 | 0.03 | — | 0.01 | Aug 6, 2014 | Cross-site scripting (XSS) vulnerability in Status2k allows remote attackers to inject arbitrary web script or HTML via the username to login.php. |