This page aggregates publicly disclosed CVE and security risk information related to awrate, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-5599 | Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) 404.php or (2) topbar.php, different vectors than CVE-2006-6368. | [email protected] | 6.8 | 0.58% | 2007-10-19 | 2026-04-23 |
| CVE-2006-6368 | PHP remote file inclusion vulnerability in login.php.inc in awrate 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to search.php. | [email protected] | 7.5 | 10.52% | 2006-12-07 | 2026-04-23 |