Aggregates CVE and security vulnerability intelligence across all nitrotech-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection and vendor risk path handling, with potential vendor impact data exposure across vendor surface production workloads and vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-5334 | PHP remote file inclusion vulnerability in includes/common.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | [email protected] | 10.0 | 2.94% | 2008-12-05 | 2026-04-23 |
| CVE-2008-5333 | SQL injection vulnerability in members.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 0.41% | 2008-12-05 | 2026-04-23 |
| CVE-2006-6938 | Directory traversal vulnerability in includes/common.php in NitroTech 0.0.3a, as distributed before 2006, allows remote attackers to include arbitrary files via ".." sequences in the root parameter. | [email protected] | 5.0 | 7.39% | 2007-01-17 | 2026-04-23 |