Tgs CMS
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-2929 | 0.03 | — | 0.01 | Aug 21, 2009 | Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the (1) tgs_language_id, (2) tpl_dir, (3) referer, (4) user-agent, (5) site, (6) option, (7) db_optimization, (8) owner, (9) admin_email, (10)… | |||
| CVE-2009-2928 | 0.03 | — | 0.01 | Aug 21, 2009 | Cross-site scripting (XSS) vulnerability in login.php in TGS Content Management 0.x allows remote attackers to inject arbitrary web script or HTML via the previous_page parameter, a different vector than CVE-2008-6839. | |||
| CVE-2008-6839 | 0.03 | — | 0.01 | Jun 27, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in TGS Content Management 0.3.2r2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg and (2) goodmsg parameters to (a) login.php and (b) index.php, and the (3) dir and (4) id parameters to index.php. … | |||
| CVE-2006-5732 | 0.03 | — | 0.01 | Nov 6, 2006 | SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the myauthorid cookie. |
- CVE-2009-2929Aug 21, 2009risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the (1) tgs_language_id, (2) tpl_dir, (3) referer, (4) user-agent, (5) site, (6) option, (7) db_optimization, (8) owner, (9) admin_email, (10)…
- CVE-2009-2928Aug 21, 2009risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in login.php in TGS Content Management 0.x allows remote attackers to inject arbitrary web script or HTML via the previous_page parameter, a different vector than CVE-2008-6839.
- CVE-2008-6839Jun 27, 2009risk 0.03cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in TGS Content Management 0.3.2r2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg and (2) goodmsg parameters to (a) login.php and (b) index.php, and the (3) dir and (4) id parameters to index.php. …
- CVE-2006-5732Nov 6, 2006risk 0.03cvss —epss 0.01
SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the myauthorid cookie.