Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
genixcms genixcms 1.0.2 vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2017-8827
forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote malicious users to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests.
Genixcms Genixcms 1.0.2
312
VMScore
CVE-2017-8376
GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that is mishandled during a mouse operation by an administrator.
Genixcms Genixcms 1.0.2
578
VMScore
CVE-2017-8377
GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.control.php via the menuid parameter.
Genixcms Genixcms 1.0.2
445
VMScore
CVE-2017-8388
GeniXCMS 1.0.2 allows remote malicious users to bypass the alertDanger MSG_USER_EMAIL_EXIST protection mechanism via a register.php?act=edit&id=1 request.
Genixcms Genixcms 1.0.2
312
VMScore
CVE-2017-8762
GeniXCMS 1.0.2 has XSS triggered by an authenticated user who submits a page, as demonstrated by a crafted oncut attribute in a B element.
Genixcms Genixcms 1.0.2
312
VMScore
CVE-2017-8780
GeniXCMS 1.0.2 has XSS triggered by a comment that is mishandled during a publish operation by an administrator, as demonstrated by a malformed P element.
Genixcms Genixcms 1.0.2
668
VMScore
CVE-2017-5959
CSRF token bypass in GeniXCMS prior to 1.0.2 could result in escalation of privileges. The forgotpassword.php page can be used to acquire a token.
Metalgenix Genixcms
578
VMScore
CVE-2017-6065
SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS up to and including 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter.
Metalgenix Genixcms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started