Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
articles vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0480
Cross-site scripting (XSS) vulnerability in the Articles module in sPaiz-Nuke allows remote malicious users to inject arbitrary web script or HTML via the query parameter in the search file.
Spaiz Spaiz-nuke Cms 0
1 EDB exploit
6.5
CVSSv3
CVE-2020-20343
WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows malicious users to arbitrarily add articles in the administrator background.
Wtcms Project Wtcms 1.0
4.3
CVSSv3
CVE-2020-20943
A Cross-Site Request Forgery (CSRF) in /member/post.php?job=postnew&step=post of Qibosoft v7 allows malicious users to force victim users into arbitrarily publishing new articles via a crafted URL.
Qibosoft Qibosoft 7.0
NA
CVE-2006-1350
PHP remote file include vulnerability in index.php in 99Articles.com (aka ArticlesOne.com) Free articles directory allows remote malicious users to include and execute arbitrary PHP code via a URL in the page parameter.
Articlesone 99articles Directory
9.8
CVSSv3
CVE-2020-10243
An issue exists in Joomla! prior to 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype.
Joomla Joomla\\!
6.5
CVSSv3
CVE-2023-29868
Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions.
Zammad Zammad
6.1
CVSSv3
CVE-2023-24369
A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows malicious users to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function.
Ujcms Ujcms
NA
CVE-2009-3945
Unspecified vulnerability in the Front-End Editor in the com_content component in Joomla! prior to 1.5.15 allows remote authenticated users, with Author privileges, to replace the articles of an arbitrary user via unknown vectors.
Joomla Joomla\\! 1.5.13
Joomla Joomla\\! 1.5.12
Joomla Joomla\\! 1.5.4
Joomla Joomla\\! 1.5.3
Joomla Joomla\\!
Joomla Joomla\\! 1.5.6
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.11
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.1
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.8
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.0
NA
CVE-2006-4532
PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YACS) CMS 6.6.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the context[path_to_root] parameter.
Bernard Pacques Yet Another Community System Cms 6.6.1
1 EDB exploit
NA
CVE-2013-3081
SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo prior to 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/.
Jojocms Jojo-cms
Jojocms Jojo-cms 1.2
Jojocms Jojo-cms 1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »