Filtered by vendor Efiction
Subscriptions
Filtered by product Efiction
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2006-4427 | 1 Efiction | 1 Efiction | 2017-10-19 | N/A |
index.php in eFiction before 2.0.7 allows remote attackers to bypass authentication and gain privileges by setting the (1) adminloggedin, (2) loggedin, and (3) level parameters to "1". | ||||
CVE-2007-1118 | 1 Efiction | 1 Efiction | 2017-10-11 | N/A |
Multiple PHP remote file inclusion vulnerabilities in eFiction 3.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path_to_smf parameter to (1) bridges/SMF/logout.php or (2) get_session_vars.php. | ||||
CVE-2008-2754 | 1 Efiction | 1 Efiction | 2017-09-29 | N/A |
SQL injection vulnerability in toplists.php in eFiction 3.0 and 3.4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the list parameter. |
Page 1 of 1.