Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
runcms runcms 1.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2691
includes/common.php in RunCMS 1.2 and previous versions calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote malicious users to overwrite arbitrary variables, possibly allowing execution of arbitrary code.
Runcms Runcms 1.1
Runcms Runcms 1.1a
Runcms Runcms 1.2
NA
CVE-2005-2692
Multiple SQL injection vulnerabilities in RunCMS 1.2 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) addquery and (2) subquery parameters to the newbb plus module, the forum parameter to (3) newtopic.php, (4) edit.php, or (5) reply...
Runcms Runcms 1.1a
Runcms Runcms 1.1
Runcms Runcms 1.2
NA
CVE-2006-0721
SQL injection vulnerability in pmlite.php in RunCMS 1.2 and 1.3a allows remote malicious users to execute arbitrary SQL commands via the to_userid parameter.
Runcms Runcms 1.3a
Runcms Runcms 1.3a2
Runcms Runcms 1.2
1 EDB exploit
NA
CVE-2006-0875
Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 allows remote malicious users to inject arbitrary web script or HTML via the lid parameter.
Runcms Runcms 1.3a
Runcms Runcms 1.3a2
Runcms Runcms 1.3a5
Runcms Runcms 1.1
Runcms Runcms 1.1a
Runcms Runcms 1.2
1 EDB exploit
NA
CVE-2006-1216
Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Runcms Runcms 1.1
Runcms Runcms 1.2
Runcms Runcms 1.1a
Runcms Runcms 1.3a
Runcms Runcms 1.3a2
Runcms Runcms 1.3a5
1 EDB exploit
NA
CVE-2006-1793
Directory traversal vulnerability in runCMS 1.2 and previous versions allows remote malicious users to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. NOTE: this issue is closely related to CVE-2006-0659.
Runcms Runcms 1.1
Runcms Runcms 1.1a
Runcms Runcms
1 EDB exploit
NA
CVE-2006-0659
Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and previous versions, with register_globals and allow_url_fopen enabled, allow remote malicious users to execute arbitrary code via the bbPath[path] parameter in (1) class.forumposts.php and (2) forumpollrenderer.php...
Runcms Runcms 1.1a
Runcms Runcms 1.1
Runcms Runcms
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started