Cce Interact

cce-interact

3 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-3868 1Cce Interact 1Interact Apr 23, 2026 Nov 3, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote attackers to hijack the authentication of super administrators for requests that create super administrator accounts.
CVE-2008-3867 1Cce Interact 1Interact Apr 23, 2026 Nov 3, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter.
CVE-2008-3384 1Cce Interact 1Interact Apr 23, 2026 Jul 30, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) mo...Show more Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) module and (2) file parameters.Show less