Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
content management system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2489
Web Content Management News System allows remote malicious users to create arbitrary accounts and gain privileges via a direct request to Admin/Users/AddModifyInput.php.
Web Content Management Web Content Management News System
NA
CVE-2005-2488
Cross-site scripting (XSS) vulnerability in Web Content Management News System allows remote malicious users to inject arbitrary web script or HTML via (1) the strRootpath parameter to validsession.php or (2) the strTable parameter to Admin/News/List.php.
Web Content Management Web Content Management News System
2 EDB exploits
5.4
CVSSv3
CVE-2020-36498
Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting (XSS) vulnerability in the account reset function, which allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the e-mail input field.
Macrob7 Macs Framework Content Management System Project Macrob7 Macs Framework Content Management System 1.14f
NA
CVE-2007-4365
Cross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a set_lang cookie to an unspecified component. NOTE: this may overlap CVE-2007-1965.
Exv2 Content Management System
6.1
CVSSv3
CVE-2023-48985
Cross Site Scripting (XSS) vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote malicious user to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the login.php component.
Cusg Content Management System
6.1
CVSSv3
CVE-2023-48986
Cross Site Scripting (XSS) vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote malicious user to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the users.php component.
Cusg Content Management System
7.5
CVSSv3
CVE-2023-48987
Blind SQL Injection vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote malicious user to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component.
Cusg Content Management System
NA
CVE-2006-5030
SQL injection vulnerability in modules/messages/index.php in exV2 2.0.4.3 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the sort parameter.
Exv2 Content Management System
1 EDB exploit
NA
CVE-2007-1949
Session fixation vulnerability in WebBlizzard CMS allows remote malicious users to hijack web sessions by setting a PHPSESSID cookie.
Webblizzard Content Management System
NA
CVE-2007-1965
Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4.3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the set_lang parameter to (1) archive.php, (2) article.php, (3) index.php, or (4) topics.php.
Exv2 Content Management System
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »