Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Centipaid Subscribe
Filtered by product Centipaid
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-6976 1 Centipaid 1 Centipaid 2017-10-18 7.5 HIGH N/A
PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.2 and earlier allows remote attackers to execute arbitrary code via a URL in the absolute_path parameter.
CVE-2006-6975 1 Centipaid 1 Centipaid 2008-09-04 5.1 MEDIUM N/A
** DISPUTED ** PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd parameter. NOTE: this issue has been disputed by CVE and multiple third parties, who state that $class_pwd is set to a static value before the relevant include statement.