Falt4 Cms : Security Vulnerabilities, CVEs,

CVE-2007-6311

SQL injection vulnerability in (1) index.php, and possibly (2) admin/index.php, in Falt4Extreme RC4 10.9.2007 allows remote attackers to execute arbitrary SQL commands via the nav_ID parameter.
Max CVSS
7.5
EPSS Score
0.38%
Published
2007-12-11
Updated
2018-10-15

CVE-2007-6310

Multiple cross-site scripting (XSS) vulnerabilities in Falt4Extreme RC4 10.9.2007 allow remote attackers to inject arbitrary web script or HTML via the handler parameter to (1) index.php and possibly (2) admin/index.php, and (3) the topic parameter to modules/feed/feed.php (aka modules/feed.php).
Max CVSS
4.3
EPSS Score
0.56%
Published
2007-12-11
Updated
2018-10-15
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close