Exv2 Content_management_system

6 CVEs affecting Exv2 Content_management_system. Latest disclosed: 2007-08-15. Critical: 2, High: 0.

Top CVEs affecting Exv2 Content_management_system
CVESeverityScorePublishedSummary
CVE-2006-7079Critical9.82007-03-02Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and earlier allows remote attackers to overwrite arbitrary program variables and conduc…
CVE-2007-1966Critical9.12007-04-11Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie.
CVE-2007-43652007-08-15Cross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a set_lang cookie to…
CVE-2007-19652007-04-11Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the set_l…
CVE-2006-70802007-03-02Directory traversal vulnerability in the avatar upload feature in exV2 2.0.4.3 and earlier allows remote attackers to delete arbitrary files via ".." sequences…
CVE-2006-50302006-09-27SQL injection vulnerability in modules/messages/index.php in exV2 2.0.4.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via t…