Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cms vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-5081
Cross-site request forgery (CSRF) vulnerability in django CMS prior to 3.0.14, 3.1.x prior to 3.1.1 allows remote malicious users to manipulate privileged users into performing unknown actions via unspecified vectors.
Django-cms Django Cms 3.1
Django-cms Django Cms
9
CVSSv2
CVE-2008-7125
pphoto in Ariadne prior to 2.6 allows remote authenticated users with certain privileges to execute arbitrary shell commands via vectors related to PINP programs and the annotate command. NOTE: some of these details are obtained from third party information.
Ariadne-cms Ariadne Cms 2.4
Ariadne-cms Ariadne Cms
7.5
CVSSv2
CVE-2006-4533
Multiple PHP remote file inclusion vulnerabilities in Plume CMS 1.0.6 and previous versions allow remote malicious users to execute arbitrary PHP code via the _PX_config[manager_path] parameter to (1) articles.php, (2) categories.php, (3) news.php, (4) prefs.php, (5) sites.php, (...
Plume-cms Plume Cms 1.0.5
Plume-cms Plume Cms
2.6
CVSSv2
CVE-2016-2784
CMS Made Simple 2.x prior to 2.1.3 and 1.x prior to 1.12.2, when Smarty Cache is activated, allow remote malicious users to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.
Cmsmadesimple Cms Made Simple 2.1.1
Cmsmadesimple Cms Made Simple 2.1
Cmsmadesimple Cms Made Simple 1.11.11
Cmsmadesimple Cms Made Simple 1.11.10
Cmsmadesimple Cms Made Simple 1.11.3
Cmsmadesimple Cms Made Simple 1.11.2.1
Cmsmadesimple Cms Made Simple 1.10
Cmsmadesimple Cms Made Simple 1.9.4.3
Cmsmadesimple Cms Made Simple 1.9.4.2
Cmsmadesimple Cms Made Simple 1.6.10
Cmsmadesimple Cms Made Simple 1.6.9
Cmsmadesimple Cms Made Simple 1.6.7
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.5.2
Cmsmadesimple Cms Made Simple 1.2.5
Cmsmadesimple Cms Made Simple 1.2.4
Cmsmadesimple Cms Made Simple 1.1.2
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.0.2
Cmsmadesimple Cms Made Simple 1.0.1
Cmsmadesimple Cms Made Simple 1.12.1
1 EDB exploit
4.3
CVSSv2
CVE-2012-1992
Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.10.2
Cmsmadesimple Cms Made Simple 1.9.2
Cmsmadesimple Cms Made Simple 1.9
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.2
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.1.4.1
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.6.8
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.0.5
Cmsmadesimple Cms Made Simple 1.2.2
Cmsmadesimple Cms Made Simple 0.1
Cmsmadesimple Cms Made Simple 0.6
Cmsmadesimple Cms Made Simple 0.7.1
Cmsmadesimple Cms Made Simple 0.2.1
Cmsmadesimple Cms Made Simple 0.10.2
9
CVSSv2
CVE-2020-7357
Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. Thi...
Cayintech Cms-se Firmware 11.0
Cayintech Cms-se-lxc Firmware -
Cayintech Cms-60 Firmware 11.0
Cayintech Cms-40 Firmware 9.0
Cayintech Cms-20 Firmware 9.0
Cayintech Cms 7.5
Cayintech Cms 8.0
Cayintech Cms 8.2
4.3
CVSSv2
CVE-2012-1834
Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin prior to 0.8.9 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-gener...
Cms Tree Page View Project Cms Tree Page View 0.8.3
Cms Tree Page View Project Cms Tree Page View 0.8.2
Cms Tree Page View Project Cms Tree Page View 0.7.16
Cms Tree Page View Project Cms Tree Page View 0.7.15
Cms Tree Page View Project Cms Tree Page View 0.7.8
Cms Tree Page View Project Cms Tree Page View 0.7.7
Cms Tree Page View Project Cms Tree Page View 0.6.3
Cms Tree Page View Project Cms Tree Page View 0.6.2
Cms Tree Page View Project Cms Tree Page View 0.5.3
Cms Tree Page View Project Cms Tree Page View 0.5.2
Cms Tree Page View Project Cms Tree Page View 0.4.5
Cms Tree Page View Project Cms Tree Page View 0.4.4
Cms Tree Page View Project Cms Tree Page View 0.1a
Cms Tree Page View Project Cms Tree Page View 0.8.1
Cms Tree Page View Project Cms Tree Page View 0.8
Cms Tree Page View Project Cms Tree Page View 0.7.14
Cms Tree Page View Project Cms Tree Page View 0.7.13
Cms Tree Page View Project Cms Tree Page View 0.7.6
Cms Tree Page View Project Cms Tree Page View 0.7.5
Cms Tree Page View Project Cms Tree Page View 0.6.1
Cms Tree Page View Project Cms Tree Page View 0.6
Cms Tree Page View Project Cms Tree Page View 0.5.1
5.5
CVSSv2
CVE-2010-0989
Directory traversal vulnerability in delete.php in Pulse CMS prior to 1.2.3 allows remote authenticated users to delete arbitrary files via directory traversal sequences in the f parameter.
Pulsecms Pulse Cms 1.2
Pulsecms Pulse Cms 1.18
Pulsecms Pulse Cms
Pulsecms Pulse Cms 1.2.1
Pulsecms Pulse Cms 1.01
Pulsecms Pulse Cms 1.0
Pulsecms Pulse Cms 1.15
Pulsecms Pulse Cms 1.1
Pulsecms Pulse Cms 1.17
Pulsecms Pulse Cms 1.16
6
CVSSv2
CVE-2010-0988
Multiple unspecified vulnerabilities in Pulse CMS prior to 1.2.3 allow (1) remote malicious users to write to arbitrary files and execute arbitrary PHP code via vectors related to improper handling of login failures by includes/login.php; and allow remote authenticated users to w...
Pulsecms Pulse Cms 1.17
Pulsecms Pulse Cms 1.16
Pulsecms Pulse Cms 1.2
Pulsecms Pulse Cms 1.18
Pulsecms Pulse Cms
Pulsecms Pulse Cms 1.2.1
Pulsecms Pulse Cms 1.0
Pulsecms Pulse Cms 1.15
Pulsecms Pulse Cms 1.1
Pulsecms Pulse Cms 1.01
7.5
CVSSv2
CVE-2010-2797
Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple prior to 1.8.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the default_cms_lang parameter to an admin script, as demonstrated by admin/addboo...
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.2.1
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.0.3
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.2.2
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.5.4
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.6.1
Cmsmadesimple Cms Made Simple 1.6.2
Cmsmadesimple Cms Made Simple 1.0.8
Cmsmadesimple Cms Made Simple 1.0.7
Cmsmadesimple Cms Made Simple 1.0.6
Cmsmadesimple Cms Made Simple 1.0.4
Cmsmadesimple Cms Made Simple 1.0.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »