Major Versions
click and drag to zoom
Security Vulnerabilities for Version:
Severities:
Type
|
Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2007-1118 | Medium | Feb 27, 2007 | Multiple PHP remote file inclusion vulnerabilities in eFiction 3.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the more... |
1.0, 3.0, 2.0, 3.1.1, 2.0.7, 2.0.6
|
|
| CVE-2006-4427 | Medium | Aug 29, 2006 | index.php in eFiction before 2.0.7 allows remote attackers to bypass authentication and gain privileges by setting the (1) adminloggedin, (2) loggedin, more... |
1.0, 2.0, 2.0.6
|
|
| CVE-2005-4173 | Medium | Dec 11, 2005 | eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information by accessing phpinfo.php, which executes the PHP phpinfo function. |
1.0, 2.0
|
|
| CVE-2005-4172 | Medium | Dec 11, 2005 | eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information via a direct request to storyblock.php without arguments, which leak more... |
1.0, 2.0
|
|
| CVE-2005-4169 | High | Dec 11, 2005 | Multiple SQL injection vulnerabilities in eFiction 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) let parameter in a viewlist more... |
1.0
|
|
| CVE-2005-4168 | High | Dec 11, 2005 | Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the let parameter more... |
1.0, 2.0
|
|
| CVE-2005-4167 | Medium | Dec 11, 2005 | Cross-site scripting (XSS) vulnerability in eFiction 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the let parameter i more... |
1.0
|
