Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pixelpost pixelpost vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1105
Pixelpost 1.5 beta 1 and previous versions allows remote malicious users to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagu...
Pixelpost Pixelpost 1.4.3
Pixelpost Pixelpost 1.5 Beta1
NA
CVE-2006-1106
Cross-site scripting (XSS) vulnerability in Pixelpost 1.5 beta 1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) message, (2) name, (3) url, and (4) email parameters when commenting on a post. NOTE: the vendor has disputed so...
Pixelpost Pixelpost 1.4.3
Pixelpost Pixelpost 1.5 Beta1
NA
CVE-2006-1104
Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the showimage parameter in index.php; and the (2) USER_AGENT, (3) HTTP_REFERER, and (4) HTTP_HOST HTTP header fields as used...
Pixelpost Pixelpost 1.5 Beta1
Pixelpost Pixelpost 1.4.3
NA
CVE-2006-2889
Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and previous versions allow remote malicious users to execute arbitrary SQL commands, and leverage them to gain administrator privileges, via the (1) category or (2) archivedate parameter.
Pixelpost Pixelpost
1 EDB exploit
6.1
CVSSv3
CVE-2018-0605
Cross-site scripting vulnerability in Pixelpost v1.7.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Pixelpost Pixelpost
NA
CVE-2008-0358
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote malicious users to execute arbitrary SQL commands via the parent_id parameter.
Pixelpost Pixelpost 1.7
1 EDB exploit
7.2
CVSSv3
CVE-2018-0604
Pixelpost v1.7.3 and previous versions allows remote code execution via unspecified vectors.
Pixelpost Pixelpost 1.7.3
NA
CVE-2011-3792
Pixelpost 1.7.3 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/functions_feeds.php and certain other files.
Pixelpost Pixelpost 1.7.3
7.2
CVSSv3
CVE-2018-0606
SQL injection vulnerability in the Pixelpost v1.7.3 and previous versions allows remote authenticated malicious users to execute arbitrary SQL commands via unspecified vectors.
Pixelpost Pixelpost 1.7.3
NA
CVE-2011-1100
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action.
Pixelpost Pixelpost 1.7.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »