2500mhz

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Worksimple

worksimple

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-5765 12500mhz 1Worksimple Apr 23, 2026 Dec 30, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for d...Show more WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for data/usr.txt.Show less
CVE-2008-5764 12500mhz 1Worksimple Apr 23, 2026 Dec 30, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2008-5765

12500mhz

1Worksimple

Apr 23, 2026

Dec 30, 2008

N/A· v4

N/A· v3

5.0 MEDIUM· v2

WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for d...Show more

CVE-2008-5764