Easy-clanpage » Easy-clanpage : Security Vulnerabilities, CVEs, CVSS score >= 7
Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the section parameter to the default URI.
Max CVSS
7.5
EPSS Score
1.12%
Published
2008-06-23
Updated
2017-09-29
SQL injection vulnerability in inc/module/online.php in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a user details action, a different vector than CVE-2008-1425.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-03-25
Updated
2018-10-11
SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a kate action.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-03-20
Updated
2017-09-29
3 vulnerabilities found