chicomas

Vendor: chilkat_software

Actively exploited (CISA KEV list): 0
PoC / exploits (code available): 1
Total RCEs (remote access): 1
Total CVEs (total indexed): 2
Avg. EPSS (exploit probability): 0.28%
Latest CVE: CVE-2008-2016 (Apr 30)

Security Vulnerability Index

7.5 CVSS
CVE-2008-2016
RCE Exploit Found

PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences.

EPSS: 0.40%
7.5 CVSS

Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/.

EPSS: 0.17%