Fastpublish : Security Vulnerabilities, CVEs,
Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 d allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the target parameter to (1) index2.php and (2) index.php.
Max CVSS
7.5
EPSS Score
0.68%
Published
2008-10-09
Updated
2017-09-29
Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php.
Max CVSS
7.5
EPSS Score
0.20%
Published
2008-10-09
Updated
2017-09-29
PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote attackers to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a different vector than CVE-2006-2726.
Max CVSS
6.8
EPSS Score
21.48%
Published
2007-12-13
Updated
2017-09-29
PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php.
Max CVSS
7.5
EPSS Score
65.39%
Published
2006-06-01
Updated
2017-10-19
4 vulnerabilities found