efiction_project 漏洞與 CVE 列表(7)

產品(CPE): — CVE 數: 7

efiction_project 漏洞概覽

efiction_project 相關的公開 CVE 漏洞與安全風險資訊,提供 CVSS、EPSS、公開時間與漏洞情報資料,協助評估潛在風險與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 177 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2005-4173 eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information by accessing phpinfo.php, which executes the PHP phpinfo function. [email protected] 5.0 1.76% 2005-12-11 2026-06-16
CVE-2005-4172 eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information via a direct request to storyblock.php without arguments, which leaks the full pathname in the resulting PHP error message. [email protected] 5.0 1.76% 2005-12-11 2026-06-16
CVE-2005-4171 The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote attackers to execute arbitrary PHP code by uploading a filename with a .php extension that contains a GIF header, which passes the image validity check but executes any PHP code within the file. [email protected] 7.5 7.90% 2005-12-11 2026-06-16
CVE-2005-4170 SQL injection vulnerability in eFiction 1.1 allows remote attackers to execute arbitrary SQL commands via the uid parameter to viewuser.php. [email protected] 7.5 2.05% 2005-12-11 2026-06-16
CVE-2005-4169 Multiple SQL injection vulnerabilities in eFiction 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) let parameter in a viewlist action to authors.php and (2) sid parameter to viewstory.php. [email protected] 7.5 2.18% 2005-12-11 2026-06-16
CVE-2005-4168 Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the let parameter in a viewlist action to titles.php and (2) the username. [email protected] 7.5 3.44% 2005-12-11 2026-06-16
CVE-2005-4167 Cross-site scripting (XSS) vulnerability in eFiction 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the let parameter in a viewlist action to titles.php. [email protected] 4.3 3.60% 2005-12-11 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence