Al-caricatier » Al-caricatier : Security Vulnerabilities, CVEs, CVSS score >= 3
PHP remote file inclusion vulnerability in cat_viewed.php in AL-Caricatier 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the CatName parameter.
Max CVSS
7.5
EPSS Score
0.95%
Published
2007-08-07
Updated
2018-10-15
Multiple cross-site scripting (XSS) vulnerabilities in view_caricatier.php in AL-Caricatier 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) CatName, (2) CaricatierID, or (3) CatID parameter.
Max CVSS
6.8
EPSS Score
0.71%
Published
2006-03-31
Updated
2018-10-18
Unspecified vulnerability in ss.php in AL-Caricatier 2.5 and earlier allows remote attackers to bypass login authentication by requesting view_caricatier.php, and then requesting any file in the admin directory with a cookie_username=admin argument.
Max CVSS
5.0
EPSS Score
2.02%
Published
2005-12-31
Updated
2017-07-20
3 vulnerabilities found