Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
content management system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-7080
Directory traversal vulnerability in the avatar upload feature in exV2 2.0.4.3 and previous versions allows remote malicious users to delete arbitrary files via ".." sequences in the old_avatar parameter.
Exv2 Content Management System
1 EDB exploit
NA
CVE-2008-3154
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Webblizzard Content Management System
1 EDB exploit
NA
CVE-2007-1949
Session fixation vulnerability in WebBlizzard CMS allows remote malicious users to hijack web sessions by setting a PHPSESSID cookie.
Webblizzard Content Management System
NA
CVE-2007-1950
Cross-site scripting (XSS) vulnerability in index_cms.php in WebBlizzard CMS allows remote malicious users to inject arbitrary web script or HTML via the Suchzeile parameter.
Webblizzard Content Management System
NA
CVE-2007-1965
Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4.3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the set_lang parameter to (1) archive.php, (2) article.php, (3) index.php, or (4) topics.php.
Exv2 Content Management System
8.8
CVSSv3
CVE-2022-3770
A vulnerability classified as critical was found in Yunjing CMS. This vulnerability affects unknown code of the file /index/user/upload_img.html. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...
Xjyunjing Yunjing Content Management System -
NA
CVE-2001-0418
content.pl script in NCM Content Management System allows remote malicious users to read arbitrary contents of the content database by inserting SQL characters into the id parameter.
Ncm Ncm Content Management System
1 EDB exploit
NA
CVE-2007-1907
PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2 allows remote malicious users to execute arbitrary PHP code via a URL in the file parameter.
Pathos Content Management System 0.92.2
1 EDB exploit
NA
CVE-2007-1966
Session fixation vulnerability in eXV2 CMS 2.0.4.3 and previous versions allows remote malicious users to hijack web sessions by setting the PHPSESSID cookie.
Exv2 Content Management System 2.0.4.3
NA
CVE-2006-0466
Cross-site scripting (XSS) vulnerability in search.asp in Goldstag Content Management System allows remote malicious users to inject arbitrary web script or HTML via the text parameter.
Goldstag Goldstag Content Management System
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »