Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Grayscale
Filtered by product Bandsite Cms
Angry Yack Logo
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-3193 1 Grayscale 1 Bandsite Cms 2025-04-03 5.1 MEDIUM N/A
Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS 1.1.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) includes/content/contact_content.php; multiple files in adminpanel/includes/add_forms/ including (2) addbioform.php, (3) addfliersform.php, (4) addgenmerchform.php, (5) addinterviewsform.php, (6) addlinksform.php, (7) addlyricsform.php, (8) addmembioform.php, (9) addmerchform.php, (10 ...

Show More
CVE-2006-4985 1 Grayscale 1 Bandsite Cms 2025-04-03 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Grayscale BandSite CMS allow remote attackers to inject arbitrary web script or HTML via (1) the max_file_size_purdy parameter in adminpanel/includes/helpfiles/help_mp3.php, (2) the message_text parameter in adminpanel/includes/mailinglist/sendemail.php, (3) the this_year parameter in includes/footer.php, and the band parameter in (4) adminpanel/includes/helpfiles/help_news.php (5) adminpanel/includes/helpfiles/help_merch.php, (6) adminpanel ...

Show More
CVE-2006-4984 1 Grayscale 1 Bandsite Cms 2025-04-03 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_path] parameter in (1) adminpanel/includes/mailinglist/mlist_xls.php and (2) adminpanel/includes/add_forms/addmp3.php. NOTE: the other vectors from the original disclosure are already covered by CVE-2006-3193.
CVE-2006-4986 1 Grayscale 1 Bandsite Cms 2025-04-03 5.0 MEDIUM N/A
Grayscale BandSite CMS allows remote attackers to obtain sensitive information via a direct request for (1) certain files in the includes/content directory, (2) includes/shows_preview.php, and (3) adminpanel/configform.php; and files in adminpanel/includes/ including (4) mailinglist/disphtmltbl.php, (5) mailinglist/dispxls.php, (6) mailinglist/sendshows.php, (7) previews/preview_bio.php, (8) previews/preview_genmerch.php, (9) previews/preview_fliers.php, (10) previews/preview_gbook.php, (11) pre ...

Show More