Aggregates CVE and security vulnerability intelligence across all easy-clanpage-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection and vendor risk path handling, with potential vendor impact data exposure and vendor impact file overwrite across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-2818 | Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the section parameter to the default URI. | [email protected] | 7.5 | 2.29% | 2008-06-23 | 2026-06-16 |
| CVE-2008-1494 | SQL injection vulnerability in inc/module/online.php in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a user details action, a different vector than CVE-2008-1425. | [email protected] | 7.5 | 1.12% | 2008-03-25 | 2026-06-16 |
| CVE-2008-1425 | SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a kate action. | [email protected] | 7.5 | 0.97% | 2008-03-20 | 2026-06-16 |