Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpecho cms phpecho cms vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-0355
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866.
Phpecho Cms Phpecho Cms
1 EDB exploit
668
VMScore
CVE-2007-2866
Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter and possibly other parameters. NOTE: some of these details are obtained fro...
Phpecho Cms Phpecho Cms
668
VMScore
CVE-2007-3335
Multiple SQL injection vulnerabilities in the admin panel in PHPEcho CMS prior to 1.6 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Phpecho Cms Phpecho Cms
668
VMScore
CVE-2007-1987
Multiple PHP remote file inclusion vulnerabilities in PHPEcho CMS 2.0 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) _plugin_file parameter to smarty/internals/core.load_pulgins.php or the (2) root_path parameter to index.php. NOTE: CVE disputes (...
Phpecho Cms Phpecho Cms 2.0
383
VMScore
CVE-2007-1988
Cross-site scripting (XSS) vulnerability in kernel/filters.inc.php in PHPEcho CMS 2.0 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Phpecho Cms Phpecho Cms 2.0
435
VMScore
CVE-2009-2401
Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows remote malicious users to inject arbitrary web script or HTML via a forum post.
Phpecho Cms Phpecho Cms 2.0-rc3
1 EDB exploit
755
VMScore
CVE-2009-2402
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355.
Phpecho Cms Phpecho Cms 2.0-rc3
1 EDB exploit
668
VMScore
CVE-2008-7034
PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote malicious users to execute arbitrary PHP code via a URL in unspecified vectors that modify the _smarty_compile_path variable in the fetch function.
Tigran Abrahamyan Phpecho Cms 2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started