Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
community cms community cms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-0406
SQL injection vulnerability in index.php in Community CMS 0.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Community Cms Community Cms
Community Cms Community Cms 0.1.1
Community Cms Community Cms 0.1
Community Cms Community Cms 0.3
Community Cms Community Cms 0.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-4794
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote malicious users to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.
Community Cms Community Cms 0.5
1 EDB exploit
7.5
CVSSv2
CVE-2006-4559
Multiple PHP remote file inclusion vulnerabilities in Yet Another Community System (YACS) CMS 6.6.1 allow remote malicious users to execute arbitrary PHP code via a URL in the context[path_to_root] parameter in (1) articles/populate.php, (2) categories/category.php, (3) categorie...
Bernard Pacques Yet Another Community System Cms 6.6.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-4532
PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YACS) CMS 6.6.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the context[path_to_root] parameter.
Bernard Pacques Yet Another Community System Cms 6.6.1
1 EDB exploit
6
CVSSv2
CVE-2021-32924
Invision Community (aka IPS Community Suite) prior to 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\_builder::previewBlock method interacts unsafely with the IPS\_Theme::runProcessFunction method.
Invisioncommunity Ips Community Suite
4.3
CVSSv2
CVE-2013-4759
Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia Form module 1.x prior to 1.4.7 and 2.x prior to 2.0.2 for Magnolia CMS allow remote malicious users to inject arbitrary web script or HTML via the (1) username, (2) fullname, or (3) email parameter to magnoliaPub...
Magnolia-cms Magnolia Form Module 1.4.5
Magnolia-cms Magnolia Form Module 1.4.6
Magnolia-cms Magnolia Form Module 2.0
Magnolia-cms Magnolia Form Module 2.0.1
Magnolia-cms Magnolia Form Module 1.4
Magnolia-cms Magnolia Form Module 1.4.1
Magnolia-cms Magnolia Form Module 1.4.2
Magnolia-cms Magnolia Form Module 1.4.3
Magnolia-cms Magnolia Form Module 1.4.4
1 EDB exploit
4.3
CVSSv2
CVE-2009-4782
Multiple cross-site scripting (XSS) vulnerabilities in Theeta CMS, possibly 0.01, allow remote malicious users to inject arbitrary web script or HTML via the (1) start, (2) forum, and (3) cat parameters to community/thread.php; (4) start and (5) cat parameters to community/forum....
Mntechsolutions Theeta Cms 0.01
Mntechsolutions Theeta Cms 0.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4783
Multiple SQL injection vulnerabilities in Theeta CMS, possibly 0.01, allow remote malicious users to execute arbitrary SQL commands via the start parameter to (1) forum.php and (2) thread.php in community/, and (3) blog/index.php.
Mntechsolutions Theeta Cms 0.01
Mntechsolutions Theeta Cms 0.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-5960
SQL injection vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E allows remote malicious users to execute arbitrary SQL commands via the cID parameter in a document action. NOTE: the provenance of this information is unknown; the details are obtained solely fr...
Tribiq Tribiq Cms 5.0.10b
Tribiq Tribiq Cms 5.0.11e
4.3
CVSSv2
CVE-2008-5961
Cross-site scripting (XSS) vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E allows remote malicious users to inject arbitrary web script or HTML via the cID parameter in a document action. NOTE: the provenance of this information is unknown; the details are ...
Tribiq Tribiq Cms 5.0.10b
Tribiq Tribiq Cms 5.0.11e
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »