Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-5255
Multiple cross-site scripting (XSS) vulnerabilities in admin/login in X3 CMS 0.4.3.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) PATH_INFO, (2) username, or (3) password parameter.
X3cms X3 Cms 0.4.1
X3cms X3 Cms 0.4.2
X3cms X3 Cms 0.4.2.1
X3cms X3 Cms
X3cms X3 Cms 0.4.0.3
X3cms X3 Cms 0.4
6
CVSSv2
CVE-2011-0635
Static code injection vulnerability in Simploo CMS 1.7.1 and previous versions allows remote authenticated users to inject arbitrary PHP code into config/custom/base.ini.php via the ftpserver parameter (FTP-Server field) to the sicore/updates/optionssav operation for index.php.
Simploo Simploo Cms
Simploo Simploo Cms 1.3.0
Simploo Simploo Cms 1.5.2
Simploo Simploo Cms 1.7.0
Simploo Simploo Cms 1.2.0
Simploo Simploo Cms 1.5.0
1 EDB exploit
4.3
CVSSv2
CVE-2016-9889
Some forms with the parameter geo_zoomlevel_to_found_location in Tiki Wiki CMS 12.x prior to 12.10 LTS, 15.x prior to 15.3 LTS, and 16.x prior to 16.1 don't have the input sanitized, related to tiki-setup.php and article_image.php. The impact is XSS.
Tiki Tikiwiki Cms/groupware 12.0
Tiki Tikiwiki Cms/groupware 12.5
Tiki Tikiwiki Cms/groupware 15.0
Tiki Tikiwiki Cms/groupware 12.7
Tiki Tikiwiki Cms/groupware 12.2
Tiki Tikiwiki Cms/groupware 12.4
Tiki Tikiwiki Cms/groupware 12.6
Tiki Tikiwiki Cms/groupware 15.2
Tiki Tikiwiki Cms/groupware 16.0
Tiki Tikiwiki Cms/groupware 12.8
Tiki Tikiwiki Cms/groupware 12.1
Tiki Tikiwiki Cms/groupware 12.3
Tiki Tikiwiki Cms/groupware 15.1
Tiki Tikiwiki Cms/groupware 12.9
5
CVSSv2
CVE-2014-8790
XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 up to and including 3.3.x prior to 3.3.5 Beta 1, when in certain configurations, allows remote malicious users to read arbitrary files via the data parameter.
Cagintranetworks Getsimple Cms 3.3.3
Cagintranetworks Getsimple Cms 3.3.4
Get-simple Getsimple Cms 3.1.1
Get-simple Getsimple Cms 3.1.2
Get-simple Getsimple Cms 3.2
Get-simple Getsimple Cms 3.2.1
Get-simple Getsimple Cms 3.2.2
Get-simple Getsimple Cms 3.2.3
Get-simple Getsimple Cms 3.3.0
Get-simple Getsimple Cms 3.3.1
Get-simple Getsimple Cms 3.3.2
7.5
CVSSv2
CVE-2017-7625
In Fiyo CMS 2.x up to and including 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.
Fiyo Fiyo Cms 2.0
Fiyo Fiyo Cms 2.0.2.1
Fiyo Fiyo Cms 2.0.7
Fiyo Fiyo Cms 2.0.6
Fiyo Fiyo Cms 2.0.1.6
Fiyo Fiyo Cms 2.0.1.8
7.5
CVSSv2
CVE-2008-3256
SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and previous versions, and Siteframe Beaumont 5.0.5 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Siteframe Siteframe Cms 3.2.2
Siteframe Siteframe Cms 3.1.0
Siteframe Siteframe Cms 2.2.1
Siteframe Siteframe Cms 2.1+0001
Siteframe Siteframe Cms 3.0.1
Siteframe Siteframe Cms 2.3.2
Siteframe Siteframe Cms 2.2.2
Siteframe Siteframe Cms 3.2.1
Siteframe Siteframe Beaumont 5.0.2
Siteframe Siteframe Cms 2.4
Siteframe Siteframe Cms 2.0.2
Siteframe Siteframe Beaumont 5.0.1
Siteframe Siteframe Beaumont
Siteframe Siteframe Cms
Siteframe Siteframe Cms 2.3
Siteframe Siteframe Beaumont 5.0.1a
Siteframe Siteframe Cms 2.0.2+0005
Siteframe Siteframe Cms 3.0.2
Siteframe Siteframe Cms 2.2.0
1 EDB exploit
6.8
CVSSv2
CVE-2007-0846
Cross-site scripting (XSS) vulnerability in forum.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and previous versions allows remote malicious users to inject arbitrary HTML or web script via the name parameter.
Open Tibia Server Cms Open Tibia Server Cms 2.1.3
Open Tibia Server Cms Open Tibia Server Cms 2.1.5
Open Tibia Server Cms Open Tibia Server Cms 2.0
Open Tibia Server Cms Open Tibia Server Cms 2.1.4
1 EDB exploit
7.5
CVSSv2
CVE-2007-0847
SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter to priv.php.
Open Tibia Server Cms Open Tibia Server Cms 2.1.3
Open Tibia Server Cms Open Tibia Server Cms 2.1.5
Open Tibia Server Cms Open Tibia Server Cms 2.0
Open Tibia Server Cms Open Tibia Server Cms 2.1.4
1 EDB exploit
10
CVSSv2
CVE-2007-6529
Multiple unspecified vulnerabilities in TikiWiki prior to 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php.
Tiki Tikiwiki Cms/groupware 1.9.4
Tiki Tikiwiki Cms/groupware
Tiki Tikiwiki Cms/groupware 1.9.0
Tiki Tikiwiki Cms/groupware 1.9.3
Tiki Tikiwiki Cms/groupware 1.6.1
Tiki Tikiwiki Cms/groupware 1.9.5
Tiki Tikiwiki Cms/groupware 1.9.6
Tiki Tikiwiki Cms/groupware 1.9.2
Tiki Tikiwiki Cms/groupware 1.9.1
Tiki Tikiwiki Cms/groupware 1.9.7
7.5
CVSSv2
CVE-2007-5682
Incomplete blacklist vulnerability in tiki-graph_formula.php in TikiWiki prior to 1.9.8.2 allows remote malicious users to execute arbitrary code by using variable functions and variable variables to write variables whose names match the whitelist, a different vulnerability than ...
Tiki Tikiwiki Cms/groupware 1.9.4
Tiki Tikiwiki Cms/groupware
Tiki Tikiwiki Cms/groupware 1.9.0
Tiki Tikiwiki Cms/groupware 1.9.3
Tiki Tikiwiki Cms/groupware 1.6.1
Tiki Tikiwiki Cms/groupware 1.9.5
Tiki Tikiwiki Cms/groupware 1.9.6
Tiki Tikiwiki Cms/groupware 1.9.2
Tiki Tikiwiki Cms/groupware 1.9.1
Tiki Tikiwiki Cms/groupware 1.9.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »