Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
runcms runcms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5535
Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown impact and attack vectors.
Runcms Runcms 1.5.2
NA
CVE-2009-3814
Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/system/cache/bademails.php using the "Prohibited: Emails" action, ...
Runcms Runcms 2m1
NA
CVE-2009-3815
RunCMS 2M1, when running with certain error_reporting levels, allows remote malicious users to obtain sensitive information via (1) the op[] parameter to modules/contact/index.php or (2) uid[] parameter to userinfo.php, which leaks the installation path in an error message when t...
Runcms Runcms 2m1
NA
CVE-2007-6544
Multiple SQL injection vulnerabilities in RunCMS prior to 1.6.1 allow remote malicious users to execute arbitrary SQL commands via the lid parameter to (1) brokenfile.php, (2) visit.php, or (3) ratefile.php in modules/mydownloads/; or (4) ratelink.php, (5) modlink.php, or (6) bro...
Runcms Runcms 1.6
2 EDB exploits
NA
CVE-2009-3804
Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the...
Runcms Runcms 2m1
2 EDB exploits
NA
CVE-2009-3813
Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id variable to modules/forum/class/class.permissions.php.
Runcms Runcms 2m1
NA
CVE-2006-4667
Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote malicious users to execute arbitrary SQL commands via the (1) uid parameter in (a) class/sessions.class.php, and the (2) timezone_offset and (3) umode parameters in (b) class/xoopsuser.php.
Runcms Runcms 1.4.1
NA
CVE-2008-7221
Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows remote malicious users to hijack the authentication of administrators for requests that (1) add new administrators or (2) modify user profiles via a crafted request to system/admin.php.
Runcms Runcms 1.6.1
NA
CVE-2008-7222
Cross-site scripting (XSS) vulnerability in system/admin.php in RunCMS 1.6.1 allows remote malicious users to inject arbitrary web script or HTML via the rank_title parameter in a RankForumAdd action.
Runcms Runcms 1.6.1
1 EDB exploit
NA
CVE-2005-0827
Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote malicious users to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a P...
Runcms Runcms 1.1a
E-xoops E-xoops 1.05 Rev3
Ciamos Ciamos 0.9.2 Rc1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »