Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
runcms runcms vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2008-1462
SQL injection vulnerability in the sections (Section) module in RunCMS allows remote malicious users to execute arbitrary SQL commands via the artid parameter in a viewarticle action.
Runcms Runcms
1 EDB exploit
755
VMScore
CVE-2007-2538
SQL injection vulnerability in class/debug/debug_show.php in RunCms 1.5.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the executed_queries array parameter.
Runcms Runcms
1 EDB exploit
785
VMScore
CVE-2007-2539
The show_files function in RunCms 1.5.2 and previous versions allows remote malicious users to obtain sensitive information (file existence and file metadata) via unspecified vectors.
Runcms Runcms
1 EDB exploit
645
VMScore
CVE-2007-6546
RunCMS prior to 1.6.1 uses a predictable session id, which makes it easier for remote malicious users to hijack sessions via a modified id.
Runcms Runcms
1 EDB exploit
755
VMScore
CVE-2007-6548
Multiple direct static code injection vulnerabilities in RunCMS prior to 1.6.1 allow remote authenticated administrators to inject arbitrary PHP code via the (1) header and (2) footer parameters to modules/system/admin.php in a meta-generator action, (3) the disclaimer parameter ...
Runcms Runcms
1 EDB exploit
435
VMScore
CVE-2007-6545
Multiple cross-site scripting (XSS) vulnerabilities in RunCMS prior to 1.6.1 allow remote malicious users to inject arbitrary web script or HTML via (1) the subject parameter to modules/news/submit.php; (2) the PATH_INFO to modules/news/index.php, possibly related to the XoopsPag...
Runcms Runcms
1 EDB exploit
685
VMScore
CVE-2007-6547
RunCMS prior to 1.6.1 does not require entry of the old password during a password change, which allows context-dependent malicious users to change passwords upon obtaining temporary access to a session.
Runcms Runcms
1 EDB exploit
668
VMScore
CVE-2007-6549
Unspecified vulnerability in RunCMS prior to 1.6.1 has unknown impact and attack vectors, related to "pagetype using."
Runcms Runcms
760
VMScore
CVE-2008-3354
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config...
Runcms Newbb Plus Module 0.93
Runcms Runcms 1.6.1
2 EDB exploits
605
VMScore
CVE-2008-7221
Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows remote malicious users to hijack the authentication of administrators for requests that (1) add new administrators or (2) modify user profiles via a crafted request to system/admin.php.
Runcms Runcms 1.6.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »