CVE-2007-5304
- EPSS 3.76%
- Veröffentlicht 09.10.2007 18:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:51
Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) repertimage parameter to utilisateurs/vousetesbannis.php, the (2) elseifvotetxtresultatduvote paramet...
CVE-2007-5305
- EPSS 9.3%
- Veröffentlicht 09.10.2007 18:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:51
Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (...
- EPSS 2.84%
- Veröffentlicht 09.10.2007 18:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:51
ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php.
CVE-2007-5307
- EPSS 2.39%
- Veröffentlicht 09.10.2007 18:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:51
ELSEIF CMS Beta 0.6 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a .php file ...