Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
neocrome seditio - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4057
Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and previous versions allows remote authenticated users to upload arbitrary PHP code via a filename ending with (1) .php.gif, (2) .php.jpg, or (3) .php.png.
Neocrome Seditio
1 EDB exploit
NA
CVE-2006-6177
SQL injection vulnerability in system/core/users/users.profile.inc.php in Neocrome Seditio 1.10 and previous versions allows remote authenticated users to execute arbitrary SQL commands via a double-url-encoded id parameter to users.php that begins with a valid filename, as demon...
Neocrome Seditio
1 EDB exploit
NA
CVE-2006-6343
SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Neocrome Seditio
1 EDB exploit
NA
CVE-2007-6202
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.
Neocrome Seditio
1 EDB exploit
NA
CVE-2012-5915
Neocrome Seditio build 161 and previous versions allows remote malicious users to obtain sensitive information via direct request to (1) view.php, (2) plugins/contact/lang/contact.en.lang.php, (3) system/lang/en/main.lang.php, (4) system/lang/en/message.lang.php, or (5) system/co...
Neocrome Seditio -
NA
CVE-2012-5914
Multiple cross-site scripting (XSS) vulnerabilities in the sed_import function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote malicious users to inject arbitrary web script or HTML via the (1) newmsg or (2) rtext parameter. NOTE: some of these details ...
Neocrome Seditio -
NA
CVE-2012-5916
Neocrome Seditio build 161 allows remote malicious users to obtain sensitive information via a direct request to (1) docs/new/seditio-createnew-160.sql, (2) docs/upgrade/sedito_convert_to_utf8.optional.sql, or (3) system/install/install.parser.sql.
Neocrome Seditio -
NA
CVE-2006-6344
Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and previous versions have unknown impact and attack vectors related to (1) plugins/ipsearch/ipsearch.admin.php, and (2) pfs/pfs.edit.inc.php, (3) users/users.register.inc.php in system/core. NOTE: the users.profile.in...
Neocrome Seditio
NA
CVE-2006-2634
Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote malicious users to inject arbitrary web script or HTML via an HTTP Referer field.
Neocrome Seditio 102
NA
CVE-2009-1411
SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the c parameter to plug.php.
Neocrome Seditio 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »