← Back

Orca

orca

Vendor: Boonex • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2009-2919
1Boonex
1Orca
Apr 23, 2026
Aug 21, 2009
N/A· v4
N/A· v3
3.5 LOW· v2
Cross-site scripting (XSS) vulnerability in Boonex Orca 2.0 and 2.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the topic title field.
CVE-2008-5167
1Boonex
1Orca
Apr 23, 2026
Nov 19, 2008
N/A· v4
N/A· v3
9.3 HIGH· v2
PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gConf[dir][layou...Show more
PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gConf[dir][layouts] parameter.Show less