Vulmon
toenda software development toendacms vulnerabilities and exploits
7.5
CVSSv2
CVE-2006-4349
PHP remote file inclusion vulnerability in ToendaCMS 1.0.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the tcms_administer_site parameter to an unspecified script, probably index.php. NOTE: this issue has been disputed by a third...
Toenda Software Development Toendacms Stable 1.0.3
Toenda Software Development Toendacms 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2005-4353
SQL injection vulnerability in index.php in toendaCMS 0.6.2.1, when configured to use a SQL database, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Toenda Software Development Toendacms 0.6.2.1
6.8
CVSSv2
CVE-2006-2799
Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote malicious users to inject arbitrary web scripts or HTML via the print_url variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...
Toenda Software Development Toendacms 0.6 Beta 2
Toenda Software Development Toendacms 0.6 Beta 3
Toenda Software Development Toendacms 0.6.2.1
Toenda Software Development Toendacms 0.6 Beta 1
Toenda Software Development Toendacms 0.6
Toenda Software Development Toendacms 0.6.1
Toenda Software Development Toendacms 0.6 Pre-beta
Toenda Software Development Toendacms
6.5
CVSSv2
CVE-2005-4422
Unrestricted file upload vulnerability in toendaCMS prior to 0.6.2 Stable allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in data/images/albums.
Toenda Software Development Toendacms 0.6.1
5.1
CVSSv2
CVE-2006-3362
Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 up to and including 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and previous versions, (3) WeBid 0.5.4, and possibly other products, when install...
Geeklog Geeklog 1.4.0 Sr3
Toenda Software Development Toendacms 0.6.1
Geeklog Geeklog 1.4.0 Sr1
Geeklog Geeklog 1.4.0 Sr2
Geeklog Geeklog 1.4.0
Toenda Software Development Toendacms 1.0
Toenda Software Development Toendacms 0.6.2
Toenda Software Development Toendacms 0.7
1 EDB exploit
5
CVSSv2
CVE-2005-3551
toendaCMS prior to 0.6.2 stores user account and session data in the web root directory, which allows remote malicious users to obtain sensitive information via a direct request to the appropriate XML file.
Toenda Software Development Toendacms
5
CVSSv2
CVE-2005-3550
Directory traversal vulnerability in admin.php in toendaCMS prior to 0.6.2 allows remote malicious users to access arbitrary files via a .. (dot dot) in the id_user parameter.
Toenda Software Development Toendacms
1 EDB exploit
4.3
CVSSv2
CVE-2007-1872
Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 allows remote malicious users to inject arbitrary web script or HTML via the searchword parameter in a search id.
Toenda Software Development Toendacms 1.5.3
1 EDB exploit
4.3
CVSSv2
CVE-2006-4016
Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS stable 1.0.3 and previous versions, and unstable 1.1 and previous versions, allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Toenda Software Development Toendacms
4.3
CVSSv2
CVE-2005-4277
Cross-site scripting (XSS) vulnerability in index.php in toendaCMS prior to 0.7 Beta allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Toenda Software Development Toendacms 0.6 Beta 1
Toenda Software Development Toendacms 0.6 Beta 2
Toenda Software Development Toendacms 0.6 Beta 3
Toenda Software Development Toendacms 0.6 Pre-beta
Toenda Software Development Toendacms