Cms4000.net

cms4000.net

Vendor: Ektron • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2009-4473 1Ektron 1Cms4000.net Apr 23, 2026 Dec 30, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in WorkArea/ContentDesigner/ekformsiframe.aspx in Ektron CMS400.NET 7.6.1.53 and 7.6.6.47, and possibly 7.52 through 7.66sp2, allow remote attackers to inject arbitrary...Show more Multiple cross-site scripting (XSS) vulnerabilities in WorkArea/ContentDesigner/ekformsiframe.aspx in Ektron CMS400.NET 7.6.1.53 and 7.6.6.47, and possibly 7.52 through 7.66sp2, allow remote attackers to inject arbitrary web script or HTML via the (1) css, (2) eca, (3) id, and (4) skin parameters. NOTE: some of these details are obtained from third party information.Show less
CVE-2008-5122 1Ektron 1Cms4000.net Apr 23, 2026 Nov 18, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter.
CVE-2008-3499 1Ektron 1Cms4000.net Apr 23, 2026 Aug 6, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in "a page in the workarea folder" in Ektron CMS400.NET 7.00 through 7.04 and 7.50 through 7.52 has unknown impact and attack vectors.