Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mtcms mtcms vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2011-3993
SKYARC MTCMS prior to 5.252, and the MultiFileUploader 0.44 and previous versions, DuplicateEntry 1.2 and previous versions, MailPack 1.741 and previous versions, and AutoTagging 0.08 and previous versions plugins for Movable Type, uses weak permissions, which allows remote authe...
Skyarc Mtcms 5.24
Skyarc Multifileuploader
Skyarc Mailpack
Skyarc Mtcms 5.251
Skyarc Mtcms 5.25
Skyarc Mtcms 5.23
Skyarc Mtcms 5.22
Skyarc Mtcms 5.21
Skyarc Mtcms 5.2
Skyarc Mtcms
Skyarc Duplicateentry
Skyarc Autotagging
6.8
CVSSv2
CVE-2011-3994
Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS prior to 5.252, and the MultiFileUploader 0.44 and previous versions, DuplicateEntry 1.2 and previous versions, MailPack 1.741 and previous versions, and AutoTagging 0.08 and previous versions plugins for Movable Typ...
Skyarc Mtcms 5.251
Skyarc Mtcms 5.25
Skyarc Mtcms 5.24
Skyarc Mtcms 5.21
Skyarc Multifileuploader
Skyarc Mtcms
Skyarc Mailpack
Skyarc Autotagging
Skyarc Mtcms 5.23
Skyarc Mtcms 5.22
Skyarc Mtcms 5.2
Skyarc Duplicateentry
6.8
CVSSv2
CVE-2006-6796
PHP remote file inclusion vulnerability in admin/admin_settings.php in MTCMS 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the ins_file parameter.
Mtcms Mtcms
1 EDB exploit
7.5
CVSSv2
CVE-2008-0280
SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote malicious users to execute arbitrary SQL commands via the (1) a or (2) cid parameter.
Mtcms Mtcms 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-1129
Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote malicious users to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action.
Mtcms Mtcms 3.2
4.3
CVSSv2
CVE-2007-1132
Multiple cross-site scripting (XSS) vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) message and (2) title fields.
Mtcms Mtcms 2.2
4.3
CVSSv2
CVE-2008-6448
Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Skyarc Mtcms Wysiwyg Editor -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started