This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Phpcms | First view | 2021-06-16 |
| Product | Phpcms | Last view | 2021-06-16 |
| Version | 2008 | Type | Application |
| Update | sp4 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:phpcms:phpcms | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.8 | 2021-06-16 | CVE-2020-22203 | SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php. |
| 8.8 | 2021-06-16 | CVE-2020-22201 | phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 50% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
