Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
plume-cms plume cms 1.1.3 vulnerabilities and exploits
(subscribe to this query)
231
VMScore
CVE-2011-3985
Cross-site scripting (XSS) vulnerability in Plume prior to 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Plume-cms Plume Cms 1.2
Plume-cms Plume Cms 1.0.6
Plume-cms Plume Cms
Plume-cms Plume Cms 1.0.4
Plume-cms Plume Cms 1.0.3
Plume-cms Plume Cms 1.0.2
Plume-cms Plume Cms 1.2.1
Plume-cms Plume Cms 1.1.3
Plume-cms Plume Cms 1.0.5
435
VMScore
CVE-2012-2156
Multiple cross-site scripting (XSS) vulnerabilities in Plume CMS 1.2.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the u_email parameter (aka Authors Email field) to manager/users.php, (2) the u_realname parameter (aka Authors...
Plume-cms Plume Cms 1.2.1
Plume-cms Plume Cms 1.2
Plume-cms Plume Cms 1.1.3
Plume-cms Plume Cms 1.0.6
Plume-cms Plume Cms 1.0.5
Plume-cms Plume Cms
Plume-cms Plume Cms 1.0.4
Plume-cms Plume Cms 1.0.3
Plume-cms Plume Cms 1.2.3
Plume-cms Plume Cms 1.2.2
Plume-cms Plume Cms 1.0.2
1 EDB exploit
685
VMScore
CVE-2012-1414
Cross-site request forgery (CSRF) vulnerability in manager/news.php in Plume CMS 1.2.4 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that create News pages via a publish action.
Plume-cms Plume Cms 1.2
Plume-cms Plume Cms 1.1.3
Plume-cms Plume Cms 1.2.2
Plume-cms Plume Cms 1.2.1
Plume-cms Plume Cms 1.0.5
Plume-cms Plume Cms
Plume-cms Plume Cms 1.2.3
Plume-cms Plume Cms 1.0.3
Plume-cms Plume Cms 1.0.6
Plume-cms Plume Cms 1.0.2
Plume-cms Plume Cms 1.0.4
1 EDB exploit
755
VMScore
CVE-2006-7021
PHP remote file inclusion vulnerability in manager/tools/link/dbinstall.php in Plume CMS 1.1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the _PX_config[manager_path] parameter.
Plume-cms Plume Cms 1.1.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started