CVE-2007-5304
- EPSS 4.62%
- Published 09.10.2007 18:17:00
- Last modified 09.04.2025 00:30:58
Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) repertimage parameter to utilisateurs/vousetesbannis.php, the (2) elseifvotetxtresultatduvote paramet...
CVE-2007-5305
- EPSS 6.43%
- Published 09.10.2007 18:17:00
- Last modified 09.04.2025 00:30:58
Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (...
- EPSS 2.29%
- Published 09.10.2007 18:17:00
- Last modified 09.04.2025 00:30:58
ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php.
CVE-2007-5307
- EPSS 3.07%
- Published 09.10.2007 18:17:00
- Last modified 09.04.2025 00:30:58
ELSEIF CMS Beta 0.6 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a .php file ...