Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
razorcms razorcms vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-19905
HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter.
Razorcms Razorcms 3.4.8
3.5
CVSSv2
CVE-2018-19906
Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter.
Razorcms Razorcms 3.4.8
6.8
CVSSv2
CVE-2018-17986
rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user.
Razorcms Razorcms 3.4.8
3.5
CVSSv2
CVE-2018-16726
razorCMS 3.4.7 allows HTML injection via the description of the homepage within the settings component.
Razorcms Razorcms 3.4.7
3.5
CVSSv2
CVE-2018-16727
razorCMS 3.4.7 allows Stored XSS via the keywords of the homepage within the settings component.
Razorcms Razorcms 3.4.7
6.5
CVSSv2
CVE-2012-6038
admin/core/admin_func.php in razorCMS prior to 1.2.1 does not properly restrict access to certain administrator directories and files, which allows remote authenticated users to read, edit, rename, move, copy and delete files via the (1) dir parameter in a fileman or (2) filemanv...
Razorcms Razorcms 1.0
Razorcms Razorcms 0.3
Razorcms Razorcms 0.2
Razorcms Razorcms
Razorcms Razorcms 1.1
Razorcms Razorcms 0.4
1 EDB exploit
4
CVSSv2
CVE-2012-5918
razorCMS 1.2 allows remote authenticated users to access administrator directories and files by creating and deleting a directory.
Razorcms Razorcms 1.2
1 EDB exploit
6.8
CVSSv2
CVE-2012-1900
Cross-site request forgery (CSRF) vulnerability in admin/index.php in RazorCMS 1.2.1 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that delete arbitrary web pages via a showcats action.
Razorcms Razorcms
Razorcms Razorcms 0.3
Razorcms Razorcms 1.0
Razorcms Razorcms 0.2
Razorcms Razorcms 1.2
Razorcms Razorcms 1.1
Razorcms Razorcms 0.4
1 EDB exploit
4.3
CVSSv2
CVE-2010-5051
Cross-site scripting (XSS) vulnerability in admin/core/admin_func.php in razorCMS 1.0 stable allows remote malicious users to inject arbitrary web script or HTML via the content parameter in an edit action to admin/index.php.
Razorcms Razorcms 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2009-1459
Cross-site request forgery (CSRF) vulnerability in razorCMS prior to 0.4 allows remote malicious users to hijack the authentication of administrators for requests that create a web page containing PHP code.
Razorcms Razorcms
Razorcms Razorcms 0.2
Razorcms Razorcms 0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »