CVE-2006-4984
- EPSS 0.89%
- Veröffentlicht 26.09.2006 02:07:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_path] parameter in (1) adminpanel/includes/mailinglist/mlist_xls.php and (2) adminpanel/in...
CVE-2006-4985
- EPSS 0.47%
- Veröffentlicht 26.09.2006 02:07:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple cross-site scripting (XSS) vulnerabilities in Grayscale BandSite CMS allow remote attackers to inject arbitrary web script or HTML via (1) the max_file_size_purdy parameter in adminpanel/includes/helpfiles/help_mp3.php, (2) the message_text ...
- EPSS 0.48%
- Veröffentlicht 26.09.2006 02:07:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Grayscale BandSite CMS allows remote attackers to obtain sensitive information via a direct request for (1) certain files in the includes/content directory, (2) includes/shows_preview.php, and (3) adminpanel/configform.php; and files in adminpanel/in...
CVE-2006-3193
- EPSS 5.79%
- Veröffentlicht 23.06.2006 00:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS 1.1.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) includes/content/contact_content.ph...