Every CVE whose affected-product data names Boonex Dolphin, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2008-3167 — CVSS 9.3 (critical): Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6.1.2, when register_globals is enabled, allow remote attackers to…
CVE-2013-3638 — CVSS 8.8 (high): SQL injection vulnerability in Boonex Dolphin before 7.1.3 allows remote authenticated users to execute arbitrary SQL commands via the…
CVE-2014-4333 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to…
CVE-2014-3810 — CVSS 6.5 (medium): SQL injection vulnerability in administration/profiles.php in BoonEx Dolphin 7.1.4 and earlier allows remote authenticated administrators…
CVE-2006-5410 — CVSS 5.1 (medium): PHP remote file inclusion vulnerability in templates/tmpl_dfl/scripts/index.php in BoonEx Dolphin 5.2 allows remote attackers to execute…
CVE-2006-4189 — CVSS 5.1 (medium): Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the…
CVE-2011-3728 — CVSS 5.0 (medium): Dolphin 7.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation…