Tutos : Security Vulnerabilities, CVEs,

CVE-2008-0149

TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinfo function.
Max CVSS
5.0
EPSS Score
0.37%
Published
2008-01-09
Updated
2021-08-30

CVE-2008-0148

TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request.
Max CVSS
10.0
EPSS Score
0.44%
Published
2008-01-09
Updated
2017-10-19

CVE-2004-2162

Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the search field of the Address Module or (2) the t parameter to app_new.php.
Max CVSS
4.3
EPSS Score
0.83%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-2161

SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the link_id parameter.
Max CVSS
7.5
EPSS Score
19.92%
Published
2004-12-31
Updated
2017-07-11
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close