Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
runcms runcms vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-0827
Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote malicious users to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a P...
Runcms Runcms 1.1a
E-xoops E-xoops 1.05 Rev3
Ciamos Ciamos 0.9.2 Rc1
7.5
CVSSv2
CVE-2009-2591
SQL injection vulnerability in the MyAnnonces module for E-Xoopport 3.1 allows remote malicious users to execute arbitrary SQL commands via the lid parameter in a viewannonces action to index.php.
Runcms Myannonces -
1 EDB exploit
7.5
CVSSv2
CVE-2008-0878
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and previous versions module for RunCMS allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a view action.
Runcms Myannonces
1 EDB exploit
7.5
CVSSv2
CVE-2008-2084
SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote malicious users to execute arbitrary SQL commands via the topic_id parameter in a listarticles action.
Myarticles Myarticles 0.6
Runcms Myarticles Module 0.6
1 EDB exploit
7.5
CVSSv2
CVE-2006-1032
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and previous versions, as used by runcms, exoops, and possibly other programs, allows remote malicious users to execute arbitrary PHP code via the base64 tag.
Phprpc Phprpc 0.8
Phprpc Phprpc 0.9
Phprpc Phprpc 0.7
2 EDB exploits
6.8
CVSSv2
CVE-2006-6452
Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles module prior to 0.6 beta 1, for RunCMS, allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) topics.php, (2) submit.php, and (3) class/calendar.class.php.
Myarticles Myarticles
6.4
CVSSv2
CVE-2006-0921
Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote malicious users to list and create arbitrary directories via a .. (dot dot) in the CurrentFolder parameter to (1) GetFoldersAndFiles and (2) CreateF...
Fckeditor Fckeditor 2.0 Fc
5
CVSSv2
CVE-2006-0658
Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote malicious users to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the Config[DeniedExtensions]...
Fckeditor Fckeditor 2.0
Fckeditor Fckeditor 2.2
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4