Nice Name Crew

#10320of 53,638
26.8Total CVSS
Vulnerabilities · 4
Medium
1
High
3
PT-2007-6317
7.5
2007-10-05
Ossigeno · Ossigeno Cms · CVE-2007-5234
Name of the Vulnerable Software and Affected Versions: Ossigeno CMS version 2.2 alpha3 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `level` parameter in the upload/common/footer.php file. Recommendations: For Ossigeno CMS version 2.2 alpha3, consider restricting access to the upload/common/footer.php file until a patch is available. As a temporary workaround, avoid using the `level` parameter in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2007-5956
7.5
2007-09-11
Txx · Txx Cms · CVE-2007-4818
Name of the Vulnerable Software and Affected Versions: Txx CMS version 0.2 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `doc root` parameter to various PHP files, including (1) 'addons/plugin.php', (2) 'addons/sidebar.php', (3) 'mail/index.php', or (4) 'mail/mailbox.php' in modules/. Recommendations: For Txx CMS version 0.2, as a temporary workaround, consider restricting access to the `doc root` parameter in the affected PHP files until a patch is available. Avoid using the `doc root` parameter in the affected API endpoints, such as 'addons/plugin.php', 'addons/sidebar.php', 'mail/index.php', and 'mail/mailbox.php', until the issue is resolved.
PT-2007-5957
4.3
2007-09-11
Txx Cms · Txx Cms · CVE-2007-4819
Name of the Vulnerable Software and Affected Versions: Txx CMS version 0.2 Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The exact vectors used for the injection are not specified. Recommendations: For Txx CMS version 0.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2007-5695
7.5
2007-08-25
Phpress · Ppress · CVE-2007-4524
**Name of the Vulnerable Software and Affected Versions** PhPress version 0.2.0 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `lang` parameter in the adisplay.php file. **Recommendations** For PhPress version 0.2.0, consider restricting access to the adisplay.php file or validating and sanitizing the `lang` parameter to prevent remote file inclusion attacks. As a temporary workaround, consider disabling the adisplay.php file until a patch is available.