Zanfi Solutions » Zanfi Cms Lite : Security Vulnerabilities, CVEs, Published In December 2004
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others.
Max CVSS
5.0
EPSS Score
1.32%
Published
2004-12-31
Updated
2017-07-11
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter.
Max CVSS
5.0
EPSS Score
1.69%
Published
2004-12-31
Updated
2017-07-11
2 vulnerabilities found