Every CVE whose affected-product data names Boka Siteengine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2008-7267 — CVSS 7.5 (high): SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id…
CVE-2010-4357 — CVSS 7.5 (high): SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module…
CVE-2008-7269 — CVSS 5.8 (medium): Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and…
CVE-2008-7268 — CVSS 5.0 (medium): The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to php_info in…