Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cms vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2009-0371
Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the type parameter.
Sitexs Cms Sitexs Cms
Sitexs Cms Sitexs Cms 0.1
1 EDB exploit
605
VMScore
CVE-2015-5081
Cross-site request forgery (CSRF) vulnerability in django CMS prior to 3.0.14, 3.1.x prior to 3.1.1 allows remote malicious users to manipulate privileged users into performing unknown actions via unspecified vectors.
Django-cms Django Cms 3.1
Django-cms Django Cms
801
VMScore
CVE-2008-7125
pphoto in Ariadne prior to 2.6 allows remote authenticated users with certain privileges to execute arbitrary shell commands via vectors related to PINP programs and the annotate command. NOTE: some of these details are obtained from third party information.
Ariadne-cms Ariadne Cms 2.4
Ariadne-cms Ariadne Cms
265
VMScore
CVE-2016-2784
CMS Made Simple 2.x prior to 2.1.3 and 1.x prior to 1.12.2, when Smarty Cache is activated, allow remote malicious users to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.
Cmsmadesimple Cms Made Simple 2.1.1
Cmsmadesimple Cms Made Simple 2.1
Cmsmadesimple Cms Made Simple 1.11.11
Cmsmadesimple Cms Made Simple 1.11.10
Cmsmadesimple Cms Made Simple 1.11.3
Cmsmadesimple Cms Made Simple 1.11.2.1
Cmsmadesimple Cms Made Simple 1.10
Cmsmadesimple Cms Made Simple 1.9.4.3
Cmsmadesimple Cms Made Simple 1.9.4.2
Cmsmadesimple Cms Made Simple 1.6.10
Cmsmadesimple Cms Made Simple 1.6.9
Cmsmadesimple Cms Made Simple 1.6.7
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.5.2
Cmsmadesimple Cms Made Simple 1.2.5
Cmsmadesimple Cms Made Simple 1.2.4
Cmsmadesimple Cms Made Simple 1.1.2
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.0.2
Cmsmadesimple Cms Made Simple 1.0.1
Cmsmadesimple Cms Made Simple 1.12.1
1 EDB exploit
383
VMScore
CVE-2012-1992
Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.10.2
Cmsmadesimple Cms Made Simple 1.9.2
Cmsmadesimple Cms Made Simple 1.9
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.2
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.1.4.1
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.6.8
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.0.5
Cmsmadesimple Cms Made Simple 1.2.2
Cmsmadesimple Cms Made Simple 0.1
Cmsmadesimple Cms Made Simple 0.6
Cmsmadesimple Cms Made Simple 0.7.1
Cmsmadesimple Cms Made Simple 0.2.1
Cmsmadesimple Cms Made Simple 0.10.2
383
VMScore
CVE-2012-1834
Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin prior to 0.8.9 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-gener...
Cms Tree Page View Project Cms Tree Page View 0.8.3
Cms Tree Page View Project Cms Tree Page View 0.8.2
Cms Tree Page View Project Cms Tree Page View 0.7.16
Cms Tree Page View Project Cms Tree Page View 0.7.15
Cms Tree Page View Project Cms Tree Page View 0.7.8
Cms Tree Page View Project Cms Tree Page View 0.7.7
Cms Tree Page View Project Cms Tree Page View 0.6.3
Cms Tree Page View Project Cms Tree Page View 0.6.2
Cms Tree Page View Project Cms Tree Page View 0.5.3
Cms Tree Page View Project Cms Tree Page View 0.5.2
Cms Tree Page View Project Cms Tree Page View 0.4.5
Cms Tree Page View Project Cms Tree Page View 0.4.4
Cms Tree Page View Project Cms Tree Page View 0.1a
Cms Tree Page View Project Cms Tree Page View 0.8.1
Cms Tree Page View Project Cms Tree Page View 0.8
Cms Tree Page View Project Cms Tree Page View 0.7.14
Cms Tree Page View Project Cms Tree Page View 0.7.13
Cms Tree Page View Project Cms Tree Page View 0.7.6
Cms Tree Page View Project Cms Tree Page View 0.7.5
Cms Tree Page View Project Cms Tree Page View 0.6.1
Cms Tree Page View Project Cms Tree Page View 0.6
Cms Tree Page View Project Cms Tree Page View 0.5.1
801
VMScore
CVE-2020-7357
Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. Thi...
Cayintech Cms-se Firmware 11.0
Cayintech Cms-se-lxc Firmware -
Cayintech Cms-60 Firmware 11.0
Cayintech Cms-40 Firmware 9.0
Cayintech Cms-20 Firmware 9.0
Cayintech Cms 7.5
Cayintech Cms 8.0
Cayintech Cms 8.2
490
VMScore
CVE-2010-0989
Directory traversal vulnerability in delete.php in Pulse CMS prior to 1.2.3 allows remote authenticated users to delete arbitrary files via directory traversal sequences in the f parameter.
Pulsecms Pulse Cms 1.2
Pulsecms Pulse Cms 1.18
Pulsecms Pulse Cms
Pulsecms Pulse Cms 1.2.1
Pulsecms Pulse Cms 1.01
Pulsecms Pulse Cms 1.0
Pulsecms Pulse Cms 1.15
Pulsecms Pulse Cms 1.1
Pulsecms Pulse Cms 1.17
Pulsecms Pulse Cms 1.16
534
VMScore
CVE-2010-0988
Multiple unspecified vulnerabilities in Pulse CMS prior to 1.2.3 allow (1) remote malicious users to write to arbitrary files and execute arbitrary PHP code via vectors related to improper handling of login failures by includes/login.php; and allow remote authenticated users to w...
Pulsecms Pulse Cms 1.17
Pulsecms Pulse Cms 1.16
Pulsecms Pulse Cms 1.2
Pulsecms Pulse Cms 1.18
Pulsecms Pulse Cms
Pulsecms Pulse Cms 1.2.1
Pulsecms Pulse Cms 1.0
Pulsecms Pulse Cms 1.15
Pulsecms Pulse Cms 1.1
Pulsecms Pulse Cms 1.01
668
VMScore
CVE-2010-2797
Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple prior to 1.8.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the default_cms_lang parameter to an admin script, as demonstrated by admin/addboo...
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.2.1
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.0.3
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.2.2
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.5.4
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.6.1
Cmsmadesimple Cms Made Simple 1.6.2
Cmsmadesimple Cms Made Simple 1.0.8
Cmsmadesimple Cms Made Simple 1.0.7
Cmsmadesimple Cms Made Simple 1.0.6
Cmsmadesimple Cms Made Simple 1.0.4
Cmsmadesimple Cms Made Simple 1.0.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »