GCVE - cpe:2.3:a:anantasoft:gazelle_cms:1.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:anantasoft:gazelle_cms:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Anantasoft (`03404a53-dcaa-59f0-8755-a547fb02f0dc`)
Product	Gazelle Cms (`f69a959a-b088-5485-b893-c5233fb94d37`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-3182`	vulnerable	2026-06-08 04:51:32.752509	Details available Unrestricted file upload vulnerability in admin/editor/filemanager/browser.html in Anantasoft Gazelle CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in user/File/. Published: 2009-09-11T20:00:00.000Z Updated: 2024-08-07T06:14:56.385Z Open on db.gcve.eu Reference links http://www.exploit-db.com/exploits/9433 http://secunia.com/advisories/33686	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-3181`	vulnerable	2026-06-08 04:51:32.752234	Details available Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the customizetemplate parameter in a direct request to admin/settemplate.php. Published: 2009-09-11T20:00:00.000Z Updated: 2024-08-07T06:14:56.391Z Open on db.gcve.eu Reference links http://www.exploit-db.com/exploits/9425 http://secunia.com/advisories/33686	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-3180`	vulnerable	2026-06-08 04:51:32.751963	Details available Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a password reset for other users via a modified user parameter to renew.php. Published: 2009-09-11T20:00:00.000Z Updated: 2024-08-07T06:14:56.389Z Open on db.gcve.eu Reference links http://www.exploit-db.com/exploits/9425 http://secunia.com/advisories/33686	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-3167`	vulnerable	2026-06-08 04:51:32.550656	Details available Directory traversal vulnerability in index.php in Anantasoft Gazelle CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. Published: 2009-09-11T18:00:00.000Z Updated: 2024-08-07T06:14:56.485Z Open on db.gcve.eu Reference links http://www.exploit-db.com/exploits/9425 http://secunia.com/advisories/33686 http://www.securityfocus.com/bid/33483 http://www.exploit-db.com/exploits/7895	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.