Vulnerabilities (CVE)

Filtered by vendor Artiphp Subscribe
Filtered by product Artiphp Cms
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-2906 1 Artiphp 1 Artiphp Cms 2024-02-04 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in artpublic/recommandation/index.php in Artiphp CMS 5.5.0 Neo (r422) allow remote attackers to inject arbitrary web script or HTML via the (1) add_img_name_post, (2) asciiart_post, (3) expediteur, (4) titre_sav, or (5) z39d27af885b32758ac0e7d4014a61561 parameter.
CVE-2012-2905 1 Artiphp 1 Artiphp Cms 2024-02-04 5.0 MEDIUM N/A
Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.