Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cardinal Cms Project Subscribe
Filtered by product Cardinal Cms
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-5156 4 Cardinal Cms Project, Redlinesoft, Sitex Cms Project and 1 more 4 Cardinal Cms, Lanai Cms, Sitex Cms and 1 more 2020-10-14 7.5 HIGH N/A
Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.