Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
articles vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-0480
Cross-site scripting (XSS) vulnerability in the Articles module in sPaiz-Nuke allows remote malicious users to inject arbitrary web script or HTML via the query parameter in the search file.
Spaiz Spaiz-nuke Cms 0
1 EDB exploit
4.3
CVSSv2
CVE-2020-20343
WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows malicious users to arbitrarily add articles in the administrator background.
Wtcms Project Wtcms 1.0
4.3
CVSSv2
CVE-2020-20943
A Cross-Site Request Forgery (CSRF) in /member/post.php?job=postnew&step=post of Qibosoft v7 allows malicious users to force victim users into arbitrarily publishing new articles via a crafted URL.
Qibosoft Qibosoft 7.0
7.5
CVSSv2
CVE-2006-1350
PHP remote file include vulnerability in index.php in 99Articles.com (aka ArticlesOne.com) Free articles directory allows remote malicious users to include and execute arbitrary PHP code via a URL in the page parameter.
Articlesone 99articles Directory
7.5
CVSSv2
CVE-2020-10243
An issue exists in Joomla! prior to 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype.
Joomla Joomla\\!
NA
CVE-2023-29868
Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions.
Zammad Zammad
NA
CVE-2023-24369
A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows malicious users to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function.
Ujcms Ujcms
5.5
CVSSv2
CVE-2009-3945
Unspecified vulnerability in the Front-End Editor in the com_content component in Joomla! prior to 1.5.15 allows remote authenticated users, with Author privileges, to replace the articles of an arbitrary user via unknown vectors.
Joomla Joomla\\! 1.5.13
Joomla Joomla\\! 1.5.12
Joomla Joomla\\! 1.5.4
Joomla Joomla\\! 1.5.3
Joomla Joomla\\!
Joomla Joomla\\! 1.5.6
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.11
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.1
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.8
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.0
7.5
CVSSv2
CVE-2013-3081
SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo prior to 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/.
Jojocms Jojo-cms
Jojocms Jojo-cms 1.2
Jojocms Jojo-cms 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-4532
PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YACS) CMS 6.6.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the context[path_to_root] parameter.
Bernard Pacques Yet Another Community System Cms 6.6.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »