Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
runcms runcms vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2005-0828
highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote malicious users to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database co...
Runcms Runcms 1.1a
E-xoops E-xoops 1.05r3
Ciamos Ciamos 0.9.2 Rc1
1 EDB exploit
755
VMScore
CVE-2008-0878
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and previous versions module for RunCMS allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a view action.
Runcms Myannonces
1 EDB exploit
755
VMScore
CVE-2009-2591
SQL injection vulnerability in the MyAnnonces module for E-Xoopport 3.1 allows remote malicious users to execute arbitrary SQL commands via the lid parameter in a viewannonces action to index.php.
Runcms Myannonces -
1 EDB exploit
755
VMScore
CVE-2008-2084
SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote malicious users to execute arbitrary SQL commands via the topic_id parameter in a listarticles action.
Myarticles Myarticles 0.6
Runcms Myarticles Module 0.6
1 EDB exploit
760
VMScore
CVE-2006-1032
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and previous versions, as used by runcms, exoops, and possibly other programs, allows remote malicious users to execute arbitrary PHP code via the base64 tag.
Phprpc Phprpc 0.8
Phprpc Phprpc 0.9
Phprpc Phprpc 0.7
2 EDB exploits
605
VMScore
CVE-2006-6452
Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles module prior to 0.6 beta 1, for RunCMS, allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) topics.php, (2) submit.php, and (3) class/calendar.class.php.
Myarticles Myarticles
570
VMScore
CVE-2006-0921
Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote malicious users to list and create arbitrary directories via a .. (dot dot) in the CurrentFolder parameter to (1) GetFoldersAndFiles and (2) CreateF...
Fckeditor Fckeditor 2.0 Fc
510
VMScore
CVE-2006-0658
Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote malicious users to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the Config[DeniedExtensions]...
Fckeditor Fckeditor 2.0
Fckeditor Fckeditor 2.2
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4