Realm Project Realm Cms — known CVE vulnerabilities
Every CVE whose affected-product data names Realm Project Realm Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2008-2679 — CVSS 7.5 (high): SQL injection vulnerability in the KeyWordsList function in _includes/inc_routines.asp in Realm CMS 2.3 and earlier allows remote attackers…
CVE-2008-2682 — CVSS 7.5 (high): _RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote attackers to bypass authentication and access admin pages via certain…
CVE-2008-2681 — CVSS 5.0 (medium): Realm CMS 2.3 and earlier allows remote attackers to obtain sensitive information via a direct request to _db/compact.asp, which reveals…
CVE-2008-2680 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp in Realm CMS 2.3 and earlier allow remote attackers to inject…