Longino » Jacome Php-revista : Security Vulnerabilities, CVEs, CVSS score >= 5
Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php.
Max CVSS
6.8
EPSS Score
1.90%
Published
2006-09-07
Updated
2018-10-17
admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to bypass authentication controls by setting the ID_ADMIN and SUPER_ADMIN parameters to 1.
Max CVSS
7.5
EPSS Score
6.93%
Published
2006-09-07
Updated
2018-10-17
Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) id_temas parameter in busqueda_tema.php, the (2) cadena parameter in busqueda.php, the (3) id_autor parameter in autor.php, the (4) email parameter in lista.php, and the (5) id_articulo parameter in articulo.php.
Max CVSS
7.5
EPSS Score
0.79%
Published
2006-09-07
Updated
2018-10-17
PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to execute arbitrary PHP code via the adodb parameter.
Max CVSS
7.5
EPSS Score
13.14%
Published
2006-09-07
Updated
2018-10-17
4 vulnerabilities found