Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog:cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4749
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) body parameter to action.php and the (2) amount and (3) action parameters to admin/index.php.
Blogcms Blog\\ Cms
1 EDB exploit
NA
CVE-2006-3364
SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG:CMS prior to 4.1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
F-art Agency Blog Cms
1 EDB exploit
NA
CVE-2010-4750
Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote malicious users to hijack the authentication of administrators.
Blogcms Blog\\ Cms
1 EDB exploit
NA
CVE-2006-6035
Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the FADDR parameter.
F-art Agency Blog Cms
1 EDB exploit
NA
CVE-2006-6552
PHP remote file inclusion vulnerability in admin/plugins/NP_UserSharing.php in BLOG:CMS 4.1.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the DIR_ADMIN parameter.
Php Blog Cms 4.1.3
1 EDB exploit
NA
CVE-2008-0359
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) admin.php or (2) index.php in photo/.
Blog Cms Blog Cms 4.2.1 C
1 EDB exploit
NA
CVE-2008-0360
Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote malicious users to execute arbitrary SQL commands via (1) the blogid parameter to index.php, (2) the user parameter to action.php, or (3) the field parameter to admin/plugins/table/index.php.
Blog Cms Blog Cms 4.2.1 C
1 EDB exploit
NA
CVE-2005-4686
PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows malicious users to obtain unspecified sensitive information.
Punbb Punbb 1.2.5
Punbb Punbb 1.2.7
Punbb Punbb 1.2.9
Punbb Punbb 1.2.1
Punbb Punbb 1.2.2
Punbb Punbb 1.2.3
Punbb Punbb 1.2.4
Punbb Punbb 1.2.6
Punbb Punbb 1.2.8
NA
CVE-2008-0450
Multiple PHP remote file inclusion vulnerabilities in BLOG:CMS 4.2.1.c allow remote malicious users to execute arbitrary PHP code via a URL in the (1) DIR_PLUGINS parameter to (a) index.php, and the (2) DIR_LIBS parameter to (b) media.php and (c) xmlrpc/server.php in admin/.
Blog Cms Blog Cms 4.2.1 C
NA
CVE-2005-4687
PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote malicious users to misrepresent their IP address by sending a modified header.
F-art Agency Blog Cms 3.0
F-art Agency Blog Cms 3.1
F-art Agency Blog Cms 3.1.2
Punbb Punbb 1.2.4
Punbb Punbb 1.2.5
Punbb Punbb 1.2.6
Punbb Punbb 1.2.7
F-art Agency Blog Cms 3.1.3
F-art Agency Blog Cms 3.6.2
Punbb Punbb 1.2.1
Punbb Punbb 1.2.3
Punbb Punbb 1.2.8
F-art Agency Blog Cms 4.0.0
F-art Agency Blog Cms 4.0.0a
F-art Agency Blog Cms 4.0.0b
F-art Agency Blog Cms 4.0.0c
F-art Agency Blog Cms 3.1.4
F-art Agency Blog Cms 3.6.4
F-art Agency Blog Cms 4.0.0d
Punbb Punbb 1.2.2
Punbb Punbb 1.2.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »