Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kasseler-cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4356
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote malicious users to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting mo...
Kasseler-cms Kasseler Cms 1.1.0
Kasseler-cms Kasseler Cms 1.2.0
1 EDB exploit
NA
CVE-2008-3088
Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote malicious users to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.
Kasseler-cms Kasseler Cms 1.3.0
Kasseler-cms Kasseler Cms 1.3.1
1 EDB exploit
NA
CVE-2013-3727
SQL injection vulnerability in Kasseler CMS prior to 2 r1232 allows remote authenticated users to execute arbitrary SQL commands via the groups[] parameter to admin.php. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrary SQ...
Kasseler-cms Kasseler-cms
1 EDB exploit
NA
CVE-2013-3728
Cross-site scripting (XSS) vulnerability in Kasseler CMS prior to 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat parameter in an admin_new_category action to admin.php.
Kasseler-cms Kasseler-cms
1 EDB exploit
NA
CVE-2013-3729
Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS prior to 2 r1232 allow remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) groups[] parameter in a send action in the sendmail ...
Kasseler-cms Kasseler-cms
1 EDB exploit
NA
CVE-2009-2228
Cross-site scripting (XSS) vulnerability in engine.php in Kasseler CMS allows remote malicious users to inject arbitrary web script or HTML via the url parameter in a redirect action.
Kasseler-cms Kasseler Cms
1 EDB exploit
NA
CVE-2009-2229
Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 lite allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter during a download action, a different vector than CVE-2008-3087. NOTE: some of these details are obtained from...
Kasseler-cms Kasseler Cms 1.3.5
1 EDB exploit
NA
CVE-2008-3087
Directory traversal vulnerability in Kasseler CMS 1.3.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter to index.php, possibly related to the phpManual module.
Kasseler-cms Kasseler Cms 1.3.0
1 EDB exploit
NA
CVE-2009-4822
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kasseler CMS 1.3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) do, (2) id, and (3) uname parameters.
Kasseler-cms Kasseler Cms 1.3.4
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started