Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpcms phpcms vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-1840
Directory traversal vulnerability in class.layout_phpcms.php in phpCMS 1.2.x prior to 1.2.1pl2 allows remote malicious users to read or include arbitrary files, as demonstrated using a .. (dot dot) in the language parameter to parser.php.
Phpcms Phpcms 1.2.1
Phpcms Phpcms 1.2.1 P12
Phpcms Phpcms 1.2.1 Pl1
Phpcms Phpcms 1.2.0
6.8
CVSSv2
CVE-2004-1202
Cross-site scripting (XSS) vulnerability in parser.php in phpCMS 1.2.1 and previous versions, with non-stealth and debug modes enabled, allows remote malicious users to inject arbitrary web script or HTML via the file parameter.
Phpcms Phpcms 1.1.9
Phpcms Phpcms 1.2
Phpcms Phpcms 1.2.1
5
CVSSv2
CVE-2004-1203
parser.php in phpCMS 1.2.1 and previous versions, with non-stealth and debug modes enabled, allows remote malicious users to gain sensitive information via an invalid file parameter, which reveals the web server's installation path.
Phpcms Phpcms 1.1.9
Phpcms Phpcms 1.2.0
Phpcms Phpcms 1.2.1
3.5
CVSSv2
CVE-2019-10027
PHPCMS 9.6.x up to and including 9.6.3 has XSS via the mailbox (aka E-mail) field on the personal information screen.
Phpcms Phpcms
5
CVSSv2
CVE-2018-14940
PHPCMS 9 allows remote malicious users to cause a denial of service (resource consumption) via large font_size, height, and width parameters in an api.php?op=checkcode request.
Phpcms Phpcms 9.0
7.5
CVSSv2
CVE-2018-19127
A code injection vulnerability in /type.php in PHPCMS 2008 allows malicious users to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a data/cache_...
Phpcms Phpcms 2008
1 Github repository
7.5
CVSSv2
CVE-2020-22199
SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php.
Phpcms Phpcms 2007
5
CVSSv2
CVE-2020-22200
Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to public_get_suggest_keyword.
Phpcms Phpcms 9.1.13
4.3
CVSSv2
CVE-2021-40910
There is a reflective cross-site scripting (XSS) vulnerability in the PHPCMS V9.6.3 management side.
Phpcms Phpcms 9.6.3
7.8
CVSSv2
CVE-2008-0513
Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector th...
Phpcms Phpcms 1.2.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »