Every CVE whose affected-product data names Drake Team Drake Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2007-1849 — CVSS 7.5 (high): Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local arbitrary files…
CVE-2008-6475 — CVSS 7.5 (high): SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and earlier allows remote…
CVE-2006-5767 — CVSS 6.8 (medium): PHP remote file inclusion vulnerability in includes/xhtml.php in Drake CMS 0.2.2 alpha rev.846 and earlier allows remote attackers to…
CVE-2007-2618 — CVSS 5.1 (medium): CRLF injection vulnerability in index.php in Drake CMS 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP…
CVE-2007-1850 — CVSS 5.0 (medium): Directory traversal vulnerability in classes/captcha/captcha.jpg.php in Drake CMS allows remote attackers to read arbitrary files or list…
CVE-2007-6695 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in index.php in Drake CMS 0.4.9 allows remote attackers to inject arbitrary web script or HTML via…
CVE-2007-1848 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in admin/classes/ui.dta.php in Drake CMS allows remote attackers to inject arbitrary web script or…
CVE-2008-1371 — CVSS 3.6 (low): Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote attackers to read and execute arbitrary…