Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cmscout cmscout vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2188
Multiple cross-site scripting (XSS) vulnerabilities in CMScout 1.10 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the Body field of a private message (PM), (2) BBCode, or (3) a forum post.
Cmscout Cmscout
NA
CVE-2007-3812
SQL injection vulnerability in forums.php in CMScout 1.23 and previous versions allows remote malicious users to execute arbitrary SQL commands via the f parameter in a forums action to index.php.
Cmscout Cmscout
1 EDB exploit
NA
CVE-2010-5059
SQL injection vulnerability in index.php in CMScout 2.0.8 allows remote malicious users to execute arbitrary SQL commands via the album parameter in a photos action.
Cmscout Cmscout 2.08
1 EDB exploit
NA
CVE-2008-3415
Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg f...
Cmscout Cmscout 2.05
1 EDB exploit
NA
CVE-2008-6725
Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php.
Cmscout Cmscout 2.06
1 EDB exploit
NA
CVE-2008-6726
Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the bit parameter to (1) admin.php and (2) index.php, different vectors than CVE-2008-34...
Cmscout Cmscout 2.06
1 EDB exploit
NA
CVE-2010-2154
Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote malicious users to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information.
Cmscout Cmscout 2.09
1 EDB exploit
NA
CVE-2010-5281
Directory traversal vulnerability in ibrowser.php in the CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the lang parameter. NOTE: some of these details are obtained from th...
Net4visions Ibrowser 1.4.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started