Constructr Constructr-cms — known CVE vulnerabilities
Every CVE whose affected-product data names Constructr Constructr-cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2008-5859 — CVSS 5.1 (medium): SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is…
CVE-2008-5860 — CVSS 5.1 (medium): Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and…
CVE-2008-5847 — CVSS 2.6 (low): Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain…