Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
community cms community cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0876
Multiple cross-site scripting (XSS) vulnerabilities in the print_language_selectbox function in classes/adminpage.inc.php in Saurus CMS Community Edition prior to 4.7 2015-02-04 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Saurus Saurus Cms
7.2
CVSSv3
CVE-2020-26295
OpenMage is a community-driven alternative to Magento CE. In OpenMage prior to 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml. The latest OpenMage Versions up from...
Openmage Openmage
NA
CVE-2008-5845
Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movable Type (MT) prior to 4.23 allow remote malicious users to inject arbitrary web script or HTML via a (1) MTEntryAuthorUsername, (2) MTAuthorDisplayName, (3) MTEntryAuthorDisplayName, or (4) MTCommenterName fiel...
Sixapart Movable Type 3.33
Sixapart Movable Type 3.16
Sixapart Movable Type 3.15
Sixapart Movable Type 3.01d
Sixapart Movable Type 3.32
Sixapart Movable Type 3.3
Sixapart Movable Type 3.14
Sixapart Movable Type 3.35
Sixapart Movable Type 3.11
Sixapart Movable Type 3.17
Sixapart Movable Type 3.34
Sixapart Movable Type 3.1
Sixapart Movable Type 3.0d
Sixapart Movable Type 3.2
Sixapart Movable Type 3.12
Sixapart Movable Type
Sixapart Movable Type 4.2
8.8
CVSSv3
CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
8.8
CVSSv3
CVE-2022-31740
On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
9.8
CVSSv3
CVE-2022-31747
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have b...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
9.8
CVSSv3
CVE-2022-31736
A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
9.8
CVSSv3
CVE-2022-31737
A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
6.5
CVSSv3
CVE-2022-31738
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
6.5
CVSSv3
CVE-2022-31742
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vu...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »