← Back

Profilecms

profilecms

Vendor: Profilecms • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2007-6058
1Profilecms
1Profilecms
Apr 23, 2026
Nov 20, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) codes action in the profile-codes module, (2) video...Show more
Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) codes action in the profile-codes module, (2) videos action in the video-codes module, or (3) games action in the arcade-games module.Show less
CVE-2007-5720
1Profilecms
1Profilecms
Apr 23, 2026
Oct 30, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Unrestricted file upload vulnerability in the profiles script in ProfileCMS 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving creation of a profile.