Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
runcms runcms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0827
Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote malicious users to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a P...
Runcms Runcms 1.1a
E-xoops E-xoops 1.05 Rev3
Ciamos Ciamos 0.9.2 Rc1
NA
CVE-2009-2591
SQL injection vulnerability in the MyAnnonces module for E-Xoopport 3.1 allows remote malicious users to execute arbitrary SQL commands via the lid parameter in a viewannonces action to index.php.
Runcms Myannonces -
1 EDB exploit
NA
CVE-2008-0878
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and previous versions module for RunCMS allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a view action.
Runcms Myannonces
1 EDB exploit
NA
CVE-2008-2084
SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote malicious users to execute arbitrary SQL commands via the topic_id parameter in a listarticles action.
Myarticles Myarticles 0.6
Runcms Myarticles Module 0.6
1 EDB exploit
NA
CVE-2006-1032
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and previous versions, as used by runcms, exoops, and possibly other programs, allows remote malicious users to execute arbitrary PHP code via the base64 tag.
Phprpc Phprpc 0.8
Phprpc Phprpc 0.9
Phprpc Phprpc 0.7
2 EDB exploits
NA
CVE-2006-6452
Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles module prior to 0.6 beta 1, for RunCMS, allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) topics.php, (2) submit.php, and (3) class/calendar.class.php.
Myarticles Myarticles
NA
CVE-2006-0921
Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote malicious users to list and create arbitrary directories via a .. (dot dot) in the CurrentFolder parameter to (1) GetFoldersAndFiles and (2) CreateF...
Fckeditor Fckeditor 2.0 Fc
NA
CVE-2006-0658
Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote malicious users to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the Config[DeniedExtensions]...
Fckeditor Fckeditor 2.0
Fckeditor Fckeditor 2.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4