Picoflat Cms

picoflat_cms

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Picoflat Cms

picoflat_cms

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-5920 1Picoflat Cms 1Picoflat Cms Apr 23, 2026 Nov 10, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypa...Show more index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypass authentication and upload files by including pico_insert.php or unspecified other administrative scripts. NOTE: some of these details are obtained from third party information.Show less
CVE-2007-5390 1Picoflat Cms 1Picoflat Cms Apr 23, 2026 Oct 12, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 PHP remote file inclusion vulnerability in index.php in PicoFlat CMS 0.4.14 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pagina parameter.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2007-5920

1Picoflat Cms

Apr 23, 2026

Nov 10, 2007

N/A· v4

N/A· v3

6.8 MEDIUM· v2

index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypass authentication and upload files by including pico_insert.php or unspecified other administrative scripts. NOTE: some of these details are obtained from third party information.Show less

CVE-2007-5390

1Picoflat Cms

Apr 23, 2026

Oct 12, 2007

N/A· v4

N/A· v3

6.8 MEDIUM· v2

PHP remote file inclusion vulnerability in index.php in PicoFlat CMS 0.4.14 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pagina parameter.