Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
articles vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-21321
emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows malicious users to arbitrarily add articles.
Emlog Emlog 6.0.0
445
VMScore
CVE-2020-19037
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies.
Halo Halo 0.4.3
755
VMScore
CVE-2007-5305
Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (c) espaceperso.php, (d) ...
Yannick Tanguy Else If Cms 0.6-beta
1 EDB exploit
312
VMScore
CVE-2018-12429
JEESNS up to and including 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.
Jeesns Jeesns
436
VMScore
CVE-2019-8902
An issue exists in idreamsoft iCMS up to and including 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI.
Idreamsoft Icms
516
VMScore
CVE-2019-9051
An issue exists in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete articles via a /admin.php?action=deletepage&var1= URI.
Pluck-cms Pluck 4.7.9
668
VMScore
CVE-2006-1555
VSNS Lemon 3.2.0 allows remote malicious users to bypass authentication and access password-protected articles by setting the vsns[topic_id] cookie to the targeted topic.
Tachyon Vsns Lemon 3.2.0
NA
CVE-2023-29638
Cross Site Scripting (XSS) vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows malicious users to inject arbitrary web script or HTML via editing blog articles.
Winterchen My-site
383
VMScore
CVE-2020-21081
A cross-site request forgery (CSRF) in Maccms 8.0 causes administrators to add and modify articles without their knowledge via clicking on a crafted URL.
Maccms Maccms 8.0
445
VMScore
CVE-2021-41564
Tad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers can use special parameters to delete articles arbitrarily without logging in.
Tad Honor Project Tad Honor
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »