Aggregates CVE and security vulnerability intelligence across all zanfi_solutions-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection and vendor risk path handling, with potential vendor impact data exposure and vendor impact file overwrite across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-4159 | SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter. | [email protected] | 7.5 | 0.41% | 2008-09-22 | 2026-04-23 |
| CVE-2008-4158 | Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) flag and (2) inc parameters. | [email protected] | 6.8 | 3.29% | 2008-09-22 | 2026-04-23 |
| CVE-2008-4074 | SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | [email protected] | 7.5 | 0.58% | 2008-09-15 | 2026-04-23 |
| CVE-2008-4073 | SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action. | [email protected] | 7.5 | 0.63% | 2008-09-15 | 2026-04-23 |
| CVE-2004-2196 | Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. | [email protected] | 5.0 | 1.28% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2195 | PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter. | [email protected] | 5.0 | 0.83% | 2004-12-31 | 2026-04-16 |