Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
runcms runcms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1216
Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Runcms Runcms 1.1
Runcms Runcms 1.2
Runcms Runcms 1.1a
Runcms Runcms 1.3a
Runcms Runcms 1.3a2
Runcms Runcms 1.3a5
1 EDB exploit
NA
CVE-2006-0875
Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 allows remote malicious users to inject arbitrary web script or HTML via the lid parameter.
Runcms Runcms 1.3a
Runcms Runcms 1.3a2
Runcms Runcms 1.3a5
Runcms Runcms 1.1
Runcms Runcms 1.1a
Runcms Runcms 1.2
1 EDB exploit
NA
CVE-2006-1793
Directory traversal vulnerability in runCMS 1.2 and previous versions allows remote malicious users to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. NOTE: this issue is closely related to CVE-2006-0659.
Runcms Runcms 1.1
Runcms Runcms 1.1a
Runcms Runcms
1 EDB exploit
NA
CVE-2006-0659
Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and previous versions, with register_globals and allow_url_fopen enabled, allow remote malicious users to execute arbitrary code via the bbPath[path] parameter in (1) class.forumposts.php and (2) forumpollrenderer.php...
Runcms Runcms 1.1a
Runcms Runcms 1.1
Runcms Runcms
1 EDB exploit
NA
CVE-2005-2691
includes/common.php in RunCMS 1.2 and previous versions calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote malicious users to overwrite arbitrary variables, possibly allowing execution of arbitrary code.
Runcms Runcms 1.1
Runcms Runcms 1.1a
Runcms Runcms 1.2
NA
CVE-2005-2692
Multiple SQL injection vulnerabilities in RunCMS 1.2 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) addquery and (2) subquery parameters to the newbb plus module, the forum parameter to (3) newtopic.php, (4) edit.php, or (5) reply...
Runcms Runcms 1.1a
Runcms Runcms 1.1
Runcms Runcms 1.2
NA
CVE-2006-0721
SQL injection vulnerability in pmlite.php in RunCMS 1.2 and 1.3a allows remote malicious users to execute arbitrary SQL commands via the to_userid parameter.
Runcms Runcms 1.3a
Runcms Runcms 1.3a2
Runcms Runcms 1.2
1 EDB exploit
NA
CVE-2008-0224
SQL injection vulnerability in index.php in the Newbb_plus 0.92 and previous versions module in RunCMS 1.6.1 allows remote malicious users to execute arbitrary SQL commands via the Client-Ip parameter.
Runcms Runcms 1.6.1
Runcms Runcms 1.5.3
Runcms Runcms 1.6
1 EDB exploit
NA
CVE-2005-1031
RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), when "Allow custom avatar upload" is enabled, does not properly verify uploaded files, which allows remote malicious users to upload arbitrary files.
E-xoops E-xoops 1.05r3
Runcms Runcms 1.1
Runcms Runcms 1.1a
NA
CVE-2008-1551
SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Runcms Runcms
Runcms Photo Module 3.02
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »