Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2577
Multiple SQL injection vulnerabilities in Pligg prior to 1.1.1 allow remote malicious users to execute arbitrary SQL commands via the title parameter to (1) storyrss.php or (2) story.php.
Pligg Pligg Cms
Pligg Pligg Cms 1.0.0
Pligg Pligg Cms 1.0.1
Pligg Pligg Cms 1.0.4
Pligg Pligg Cms 1.0.2
Pligg Pligg Cms 1.0.3
NA
CVE-2010-3013
SQL injection vulnerability in groupadmin.php in Pligg prior to 1.1.1 allows remote malicious users to execute arbitrary SQL commands via the role parameter, a different vulnerability than CVE-2010-2577.
Pligg Pligg Cms
Pligg Pligg Cms 1.0.0
Pligg Pligg Cms 1.0.1
Pligg Pligg Cms 1.0.4
Pligg Pligg Cms 1.0.2
Pligg Pligg Cms 1.0.3
NA
CVE-2011-0635
Static code injection vulnerability in Simploo CMS 1.7.1 and previous versions allows remote authenticated users to inject arbitrary PHP code into config/custom/base.ini.php via the ftpserver parameter (FTP-Server field) to the sicore/updates/optionssav operation for index.php.
Simploo Simploo Cms
Simploo Simploo Cms 1.3.0
Simploo Simploo Cms 1.5.2
Simploo Simploo Cms 1.7.0
Simploo Simploo Cms 1.2.0
Simploo Simploo Cms 1.5.0
1 EDB exploit
NA
CVE-2014-8790
XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 up to and including 3.3.x prior to 3.3.5 Beta 1, when in certain configurations, allows remote malicious users to read arbitrary files via the data parameter.
Cagintranetworks Getsimple Cms 3.3.3
Cagintranetworks Getsimple Cms 3.3.4
Get-simple Getsimple Cms 3.1.1
Get-simple Getsimple Cms 3.1.2
Get-simple Getsimple Cms 3.2
Get-simple Getsimple Cms 3.2.1
Get-simple Getsimple Cms 3.2.2
Get-simple Getsimple Cms 3.2.3
Get-simple Getsimple Cms 3.3.0
Get-simple Getsimple Cms 3.3.1
Get-simple Getsimple Cms 3.3.2
NA
CVE-2008-3256
SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and previous versions, and Siteframe Beaumont 5.0.5 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Siteframe Siteframe Cms 3.2.2
Siteframe Siteframe Cms 3.1.0
Siteframe Siteframe Cms 2.2.1
Siteframe Siteframe Cms 2.1+0001
Siteframe Siteframe Cms 3.0.1
Siteframe Siteframe Cms 2.3.2
Siteframe Siteframe Cms 2.2.2
Siteframe Siteframe Cms 3.2.1
Siteframe Siteframe Beaumont 5.0.2
Siteframe Siteframe Cms 2.4
Siteframe Siteframe Cms 2.0.2
Siteframe Siteframe Beaumont 5.0.1
Siteframe Siteframe Beaumont
Siteframe Siteframe Cms
Siteframe Siteframe Cms 2.3
Siteframe Siteframe Beaumont 5.0.1a
Siteframe Siteframe Cms 2.0.2+0005
Siteframe Siteframe Cms 3.0.2
Siteframe Siteframe Cms 2.2.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-7625
In Fiyo CMS 2.x up to and including 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.
Fiyo Fiyo Cms 2.0
Fiyo Fiyo Cms 2.0.2.1
Fiyo Fiyo Cms 2.0.7
Fiyo Fiyo Cms 2.0.6
Fiyo Fiyo Cms 2.0.1.6
Fiyo Fiyo Cms 2.0.1.8
NA
CVE-2007-0847
SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter to priv.php.
Open Tibia Server Cms Open Tibia Server Cms 2.1.3
Open Tibia Server Cms Open Tibia Server Cms 2.1.5
Open Tibia Server Cms Open Tibia Server Cms 2.0
Open Tibia Server Cms Open Tibia Server Cms 2.1.4
1 EDB exploit
NA
CVE-2007-0846
Cross-site scripting (XSS) vulnerability in forum.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and previous versions allows remote malicious users to inject arbitrary HTML or web script via the name parameter.
Open Tibia Server Cms Open Tibia Server Cms 2.1.3
Open Tibia Server Cms Open Tibia Server Cms 2.1.5
Open Tibia Server Cms Open Tibia Server Cms 2.0
Open Tibia Server Cms Open Tibia Server Cms 2.1.4
1 EDB exploit
NA
CVE-2007-6526
Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in TikiWiki prior to 1.9.9 allows remote malicious users to inject arbitrary web script or HTML via the area_name parameter.
Tiki Tikiwiki Cms/groupware 1.9.4
Tiki Tikiwiki Cms/groupware
Tiki Tikiwiki Cms/groupware 1.9.0
Tiki Tikiwiki Cms/groupware 1.9.3
Tiki Tikiwiki Cms/groupware 1.6.1
Tiki Tikiwiki Cms/groupware 1.9.5
Tiki Tikiwiki Cms/groupware 1.9.6
Tiki Tikiwiki Cms/groupware 1.9.2
Tiki Tikiwiki Cms/groupware 1.9.1
Tiki Tikiwiki Cms/groupware 1.9.7
NA
CVE-2007-6529
Multiple unspecified vulnerabilities in TikiWiki prior to 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php.
Tiki Tikiwiki Cms/groupware 1.9.4
Tiki Tikiwiki Cms/groupware
Tiki Tikiwiki Cms/groupware 1.9.0
Tiki Tikiwiki Cms/groupware 1.9.3
Tiki Tikiwiki Cms/groupware 1.6.1
Tiki Tikiwiki Cms/groupware 1.9.5
Tiki Tikiwiki Cms/groupware 1.9.6
Tiki Tikiwiki Cms/groupware 1.9.2
Tiki Tikiwiki Cms/groupware 1.9.1
Tiki Tikiwiki Cms/groupware 1.9.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »