Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
content management system vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2014-9344
Cross-site request forgery (CSRF) vulnerability in Snowfox CMS prior to 1.0.10 allows remote malicious users to hijack the authentication of administrators for requests that add a new admin account via a submit action in the admin/accounts/create uri to snowfox/.
Globiz Solutions Snowfox Content Management System
1 EDB exploit
4.3
CVSSv2
CVE-2009-4382
Cross-site scripting (XSS) vulnerability in module.php in PHPFABER CMS, possibly 1.3.36, allows remote malicious users to inject arbitrary web script or HTML via the mod parameter.
Phpfaber Phpfaber Content Management System 1.3.36
1 EDB exploit
3.5
CVSSv2
CVE-2014-2729
Cross-site scripting (XSS) vulnerability in content.aspx in Ektron CMS 8.7 prior to 8.7.0.055 allows remote authenticated users to inject arbitrary web script or HTML via the category0 parameter, which is not properly handled when displaying the Subjects tab in the View Propertie...
Ektron Ektron Content Management System 8.7.0
NA
CVE-2022-47740
Seltmann GmbH Content Management System 6 is vulnerable to SQL Injection via /index.php.
Seltmann-webdesign Content Management System 6.0
6.8
CVSSv2
CVE-2008-2217
Directory traversal vulnerability in cm/graphie.php in Content Management System 0.6.1 for Phprojekt allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the cm_imgpath parameter.
Mario Valdez Content Management System 0.6.1
1 EDB exploit
5.8
CVSSv2
CVE-2014-9343
Open redirect vulnerability in modules/system/controller/selectlanguage.class.php in Snowfox CMS 1.0 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the rd parameter in a submit action to snowfox/.
Globiz Solutions Snowfox Content Management System 1.0
7.5
CVSSv2
CVE-2007-1707
PHP remote file inclusion vulnerability in index.php in Net Side Content Management System (Net-Side.net CMS) allows remote malicious users to execute arbitrary PHP code via a URL in the cms parameter.
Net-side.net Net Side Content Management System
1 EDB exploit
7.5
CVSSv2
CVE-2010-4332
Pointter PHP Content Management System 1.0 allows remote malicious users to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies.
Pangramsoft Pointter Php Content Management System 1.0
1 EDB exploit
3.5
CVSSv2
CVE-2017-15947
Simple ASC Content Management System v1.2 has XSS in the location field in the sign function, related to guestbook.asp, formgb.asp, and msggb.asp.
Aspsource Simple Asc Content Management System 1.2
4.3
CVSSv2
CVE-2004-2210
Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote malicious users to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5...
Express-web Express-web Content Management System
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »