Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pixelpost pixelpost vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1104
Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the showimage parameter in index.php; and the (2) USER_AGENT, (3) HTTP_REFERER, and (4) HTTP_HOST HTTP header fields as used...
Pixelpost Pixelpost 1.5 Beta1
Pixelpost Pixelpost 1.4.3
NA
CVE-2006-1105
Pixelpost 1.5 beta 1 and previous versions allows remote malicious users to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagu...
Pixelpost Pixelpost 1.4.3
Pixelpost Pixelpost 1.5 Beta1
NA
CVE-2006-1106
Cross-site scripting (XSS) vulnerability in Pixelpost 1.5 beta 1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) message, (2) name, (3) url, and (4) email parameters when commenting on a post. NOTE: the vendor has disputed so...
Pixelpost Pixelpost 1.4.3
Pixelpost Pixelpost 1.5 Beta1
6.1
CVSSv3
CVE-2018-0605
Cross-site scripting vulnerability in Pixelpost v1.7.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Pixelpost Pixelpost
NA
CVE-2006-2889
Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and previous versions allow remote malicious users to execute arbitrary SQL commands, and leverage them to gain administrator privileges, via the (1) category or (2) archivedate parameter.
Pixelpost Pixelpost
1 EDB exploit
NA
CVE-2008-3365
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter.
Pixelpost Pixelpost 1.7.1
1 EDB exploit
7.2
CVSSv3
CVE-2018-0604
Pixelpost v1.7.3 and previous versions allows remote code execution via unspecified vectors.
Pixelpost Pixelpost 1.7.3
NA
CVE-2006-2890
Pixelpost 1-5rc1-2 and previous versions, when register_globals is enabled, allows remote malicious users to gain administrator privileges and conduct other attacks by setting the _SESSION["pixelpost_admin"] parameter to 1 in calls to admin scripts such as admin/view_in...
Pixelpost Pixelpost 1.5 Rc1
NA
CVE-2006-2891
Cross-site scripting (XSS) vulnerability in admin/index.php for Pixelpost 1-5rc1-2 and previous versions allows remote malicious users to inject arbitrary HTML or web script via the loginmessage parameter.
Pixelpost Pixelpost 1.5 Rc1
NA
CVE-2011-3792
Pixelpost 1.7.3 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/functions_feeds.php and certain other files.
Pixelpost Pixelpost 1.7.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »