Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
textpattern textpattern vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-23239
Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via Custom fields in the Menu Preferences feature.
Textpattern Textpattern 4.8.1
NA
CVE-2023-36220
Directory Traversal vulnerability in Textpattern CMS v4.8.8 allows a remote authenticated malicious user to execute arbitrary code and gain access to sensitive information via the plugin Upload function.
Textpattern Textpattern 4.8.8
4.3
CVSSv2
CVE-2011-5019
Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote malicious users to inject arbitrary web script or HTML via the ddb parameter.
Textpattern Textpattern 4.4.1
1 EDB exploit
4.3
CVSSv2
CVE-2008-5668
Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (aka Txp CMS) 4.0.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO to setup/index.php or (2) the name parameter to index.php in the comments preview section.
Textpattern Textpattern 4.0.5
5
CVSSv2
CVE-2008-5669
index.php in the comments preview section in Textpattern (aka Txp CMS) 4.0.5 allows remote malicious users to cause a denial of service via a long message parameter.
Textpattern Textpattern 4.0.5
6.8
CVSSv2
CVE-2008-5670
Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote malicious users to change a password after hijacking a session.
Textpattern Textpattern 4.0.5
4
CVSSv2
CVE-2021-30209
Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3