Eval injection vulnerability in the ReplaceListVars function in the template parser in e/class/connect.php in EmpireCMS 6.6 allows user-assisted remote attackers to execute arbitrary PHP code via a crafted template.

SQL injection vulnerability in Empire CMS 5.1 allows remote attackers to execute arbitrary SQL commands via the bid parameter to the default URI under e/tool/gbook/.

PHP remote file inclusion vulnerability in e/class/CheckLevel.php in Phome Empire CMS 3.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the check_path parameter.