Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squiz matrix vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2019-19374
An issue exists in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 before 5.5.0.3, 5.5.1 before 5.5.1.8, 5.5.2 before 5.5.2.4, and 5.5.3 before 5.5.3.3 where a user can delete arbitrary files from th...
Squiz Matrix
8.8
CVSSv3
CVE-2017-14198
An issue exists in Squiz Matrix prior to 5.3.6.1 and 5.4.x prior to 5.4.1.3. Authenticated users with permissions to edit design assets can cause Remote Code Execution (RCE) via a maliciously crafted time_format tag.
Squiz Matrix 5.4.1.2
Squiz Matrix 5.4.1.1
Squiz Matrix 5.4.0.3
Squiz Matrix 5.4.0.1
Squiz Matrix 5.4.0.0
Squiz Matrix
Squiz Matrix 5.4.1.0
Squiz Matrix 5.4.0.2
7.5
CVSSv3
CVE-2019-19373
An issue exists in Squiz Matrix CMS 5.5.0 before 5.5.0.3, 5.5.1 before 5.5.1.8, 5.5.2 before 5.5.2.4, and 5.5.3 before 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/page_templates/page_remote_content/page_remote_content.inc POST pa...
Squiz Matrix
7.5
CVSSv3
CVE-2017-14196
An issue exists in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'File Bridge' plugin allowed the existence of files outside of the bridged path to be confirmed.
Squiz Matrix
Squiz Matrix 5.4.1.3
6.1
CVSSv3
CVE-2017-14197
An issue exists in Squiz Matrix prior to 5.3.6.1 and 5.4.x prior to 5.4.1.3. There are multiple reflected Cross-Site Scripting (XSS) issues in Matrix WYSIWYG plugins.
Squiz Matrix 5.4.0.0
Squiz Matrix
Squiz Matrix 5.4.0.3
Squiz Matrix 5.4.0.1
Squiz Matrix 5.4.1.2
Squiz Matrix 5.4.1.1
Squiz Matrix 5.4.1.0
Squiz Matrix 5.4.0.2
5.3
CVSSv3
CVE-2022-32277
Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is ...
Squiz Matrix 6.20
NA
CVE-2010-4901
Multiple cross-site scripting (XSS) vulnerabilities in char_map.php in MySource Matrix 3.28.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) height or (2) width parameter.
Squiz Mysource Matrix 3.28.3
1 EDB exploit
NA
CVE-2006-5037
MySource Matrix after 3.8 allows remote malicious users to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the rese...
Squiz Mysource Matrix 3.8.6a
Squiz Mysource Matrix 3.8.2
Squiz Mysource Matrix 3.8.3
Squiz Mysource Matrix 3.10.1
Squiz Mysource Matrix 3.8.4
Squiz Mysource Matrix 3.8
Squiz Mysource Matrix 3.10
Squiz Mysource Matrix 3.8.5
NA
CVE-2006-5036
MySource Matrix 3.8 and previous versions, and MySource 2.x, allow remote malicious users to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks...
Squiz Mysource Classic
Squiz Mysource Matrix
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started