Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
neocrome seditio vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4057
Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and previous versions allows remote authenticated users to upload arbitrary PHP code via a filename ending with (1) .php.gif, (2) .php.jpg, or (3) .php.png.
Neocrome Seditio
1 EDB exploit
NA
CVE-2007-6202
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.
Neocrome Seditio
1 EDB exploit
NA
CVE-2012-5914
Multiple cross-site scripting (XSS) vulnerabilities in the sed_import function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote malicious users to inject arbitrary web script or HTML via the (1) newmsg or (2) rtext parameter. NOTE: some of these details ...
Neocrome Seditio -
NA
CVE-2012-5915
Neocrome Seditio build 161 and previous versions allows remote malicious users to obtain sensitive information via direct request to (1) view.php, (2) plugins/contact/lang/contact.en.lang.php, (3) system/lang/en/main.lang.php, (4) system/lang/en/message.lang.php, or (5) system/co...
Neocrome Seditio -
NA
CVE-2012-5916
Neocrome Seditio build 161 allows remote malicious users to obtain sensitive information via a direct request to (1) docs/new/seditio-createnew-160.sql, (2) docs/upgrade/sedito_convert_to_utf8.optional.sql, or (3) system/install/install.parser.sql.
Neocrome Seditio -
NA
CVE-2006-6177
SQL injection vulnerability in system/core/users/users.profile.inc.php in Neocrome Seditio 1.10 and previous versions allows remote authenticated users to execute arbitrary SQL commands via a double-url-encoded id parameter to users.php that begins with a valid filename, as demon...
Neocrome Seditio
1 EDB exploit
NA
CVE-2006-6343
SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Neocrome Seditio
1 EDB exploit
NA
CVE-2006-6344
Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and previous versions have unknown impact and attack vectors related to (1) plugins/ipsearch/ipsearch.admin.php, and (2) pfs/pfs.edit.inc.php, (3) users/users.register.inc.php in system/core. NOTE: the users.profile.in...
Neocrome Seditio
NA
CVE-2006-2634
Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote malicious users to inject arbitrary web script or HTML via an HTTP Referer field.
Neocrome Seditio 102
NA
CVE-2009-1411
SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the c parameter to plug.php.
Neocrome Seditio 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »