Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
textpattern vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-4737
Cross-site scripting (XSS) vulnerability in Textpattern CMS prior to 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to setup/index.php.
Textpattern Textpattern 4.5.1
Textpattern Textpattern 4.5.2
Textpattern Textpattern 4.5.3
Textpattern Textpattern 4.5.4
Textpattern Textpattern
Textpattern Textpattern 4.5.0
NA
CVE-2008-5757
Cross-site scripting (XSS) vulnerability in textarea/index.php in Textpattern (aka Txp CMS) 4.0.6 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the Body parameter in an article action. NOTE: some of these details are obtained f...
Textpattern Textpattern 4.0.1
Textpattern Textpattern
Textpattern Textpattern 4.0.3
Textpattern Textpattern 4.0.2
Textpattern Textpattern 4.0.5
Textpattern Textpattern 4.0.4
9.8
CVSSv3
CVE-2018-7474
An issue exists in Textpattern CMS 4.6.2 and previous versions. It is possible to inject SQL code in the variable "qty" on the page index.php.
Textpattern Textpattern
1 EDB exploit
7.2
CVSSv3
CVE-2023-26852
An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows malicious users to execute arbitrary code by uploading a crafted PHP file.
Textpattern Textpattern
1 Github repository
4.3
CVSSv3
CVE-2021-40642
Textpattern CMS v4.8.7 and older vulnerability exists through Sensitive Cookie in HTTPS Session Without 'Secure' Attribute via textpattern/lib/txplib_misc.php. The secure flag is not set for txp_login session cookie in the application. If the secure flag is not set, the...
Textpattern Textpattern
NA
CVE-2006-5615
PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter.
Textpattern Textpattern 1.19
1 EDB exploit
9.8
CVSSv3
CVE-2020-19510
Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.
Textpattern Textpattern 4.7.3
4.8
CVSSv3
CVE-2020-35854
Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
Textpattern Textpattern 4.8.4
5.4
CVSSv3
CVE-2021-28001
A cross-site scripting vulnerability exists in the Comments parameter in Textpattern CMS 4.8.4 which allows remote malicious users to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting https://site.com/article...
Textpattern Textpattern 4.8.4
NA
CVE-2011-5019
Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote malicious users to inject arbitrary web script or HTML via the ddb parameter.
Textpattern Textpattern 4.4.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »