Aggregates CVE and security vulnerability intelligence across all rianxosencabos_cms-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection, with potential vendor impact data exposure across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-6014 | SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 0.41% | 2009-01-30 | 2026-04-23 |
| CVE-2008-4245 | The Admin Control Panel in Rianxosencabos CMS 0.9 does not require administrator privileges, which allows remote authenticated users to (1) change a user's privileges, (2) delete a user account, or perform unspecified other administrative actions via vectors involving an admin lista action to the default URI, possibly related to useradmin.php. | [email protected] | 6.5 | 3.78% | 2008-09-25 | 2026-04-23 |
| CVE-2008-4244 | Rianxosencabos CMS 0.9 allows remote attackers to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1. | [email protected] | 7.5 | 2.41% | 2008-09-25 | 2026-04-23 |