CVE-2008-0254
- EPSS 0.91%
- Veröffentlicht 15.01.2008 20:00:00
- Zuletzt bearbeitet 16.06.2026 22:49:15
SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter.
CVE-2007-2822
- EPSS 4.42%
- Veröffentlicht 22.05.2007 21:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:30
TutorialCMS 1.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication via the (1) loggedIn and (2) activated parameters to (a) login.php, (b) headerLinks.php, (c) submit1.php, (d) myFav.php, and (e) userCP.p...
CVE-2007-2599
- EPSS 3.73%
- Veröffentlicht 11.05.2007 10:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:55
Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter...
CVE-2007-2600
- EPSS 2.78%
- Veröffentlicht 11.05.2007 10:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:55
Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; th...