Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mtcms mtcms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3994
Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS prior to 5.252, and the MultiFileUploader 0.44 and previous versions, DuplicateEntry 1.2 and previous versions, MailPack 1.741 and previous versions, and AutoTagging 0.08 and previous versions plugins for Movable Typ...
Skyarc Mtcms 5.251
Skyarc Mtcms 5.25
Skyarc Mtcms 5.24
Skyarc Mtcms 5.21
Skyarc Multifileuploader
Skyarc Mtcms
Skyarc Mailpack
Skyarc Autotagging
Skyarc Mtcms 5.23
Skyarc Mtcms 5.22
Skyarc Mtcms 5.2
Skyarc Duplicateentry
NA
CVE-2011-3993
SKYARC MTCMS prior to 5.252, and the MultiFileUploader 0.44 and previous versions, DuplicateEntry 1.2 and previous versions, MailPack 1.741 and previous versions, and AutoTagging 0.08 and previous versions plugins for Movable Type, uses weak permissions, which allows remote authe...
Skyarc Mtcms 5.24
Skyarc Multifileuploader
Skyarc Mailpack
Skyarc Mtcms 5.251
Skyarc Mtcms 5.25
Skyarc Mtcms 5.23
Skyarc Mtcms 5.22
Skyarc Mtcms 5.21
Skyarc Mtcms 5.2
Skyarc Mtcms
Skyarc Duplicateentry
Skyarc Autotagging
NA
CVE-2006-6796
PHP remote file inclusion vulnerability in admin/admin_settings.php in MTCMS 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the ins_file parameter.
Mtcms Mtcms
1 EDB exploit
NA
CVE-2008-0280
SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote malicious users to execute arbitrary SQL commands via the (1) a or (2) cid parameter.
Mtcms Mtcms 2.0
1 EDB exploit
NA
CVE-2007-1129
Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote malicious users to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action.
Mtcms Mtcms 3.2
NA
CVE-2007-1132
Multiple cross-site scripting (XSS) vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) message and (2) title fields.
Mtcms Mtcms 2.2
NA
CVE-2008-6448
Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Skyarc Mtcms Wysiwyg Editor -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started