Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Benjacms Subscribe
Filtered by product Benja Cms
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2987 1 Benjacms 1 Benja Cms 2018-10-11 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Benja CMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin_edit_submenu.php, (2) admin_new_submenu.php, and (3) admin_edit_topmenu.php in admin/.
CVE-2008-2988 1 Benjacms 1 Benja Cms 2018-10-11 7.5 HIGH N/A
Unrestricted file upload vulnerability in admin/upload.php in Benja CMS 0.1 allows remote attackers to upload and execute arbitrary PHP files via unspecified vectors, followed by a direct request to the file in billeder/.
CVE-2008-2879 1 Benjacms 1 Benja Cms 2018-10-11 6.4 MEDIUM N/A
Benja CMS 0.1 does not require authentication for access to admin/, which allows remote attackers to add or delete a menu.