Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
expressionengine expressionengine vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-27230
ExpressionEngine prior to 5.4.2 and 6.x prior to 6.0.3 allows PHP Code Injection by certain authenticated users who can leverage Translate::save() to write to an _lang.php file under the system/user/language directory.
Expressionengine Expressionengine
5.4
CVSSv3
CVE-2017-1000160
EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting resulting in PHP code injection
Expressionengine Expressionengine 3.4.2
NA
CVE-2006-0461
Cross-site scripting (XSS) vulnerability in core.input.php in ExpressionEngine 1.4.1 allows remote malicious users to inject arbitrary web script or HTML via HTTP_REFERER (referer).
Pmachine Expressionengine 1.4.1
1 EDB exploit
NA
CVE-2011-4025
ExpressionEngine version 2.2.2 and CodeIgniter version 2.0.3 suffer from filter bypass and cross site scripting vulnerabilities.
NA
CVE-2024-38454
ExpressionEngine prior to 7.4.11 allows XSS.
9.8
CVSSv3
CVE-2024-0738
A vulnerability, which was classified as critical, has been found in ???? mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack may be initiated remotely...
Garethhk Mldong 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2