Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3478
PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the domain parameter.
Myphp Cms Myphp Cms 0.3
Myphp Cms Myphp Cms 0.3.1
1 EDB exploit
NA
CVE-2008-1913
SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the new parameter in a new action.
Lasernet Cms Lasernet Cms 1.5
Lasernet Cms Lasernet Cms 1.11
1 EDB exploit
NA
CVE-2006-2142
PHP remote file inclusion vulnerability in classes/adodbt/sql.php in Limbo CMS 1.04 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the classes_dir parameter.
Limbo Cms Limbo Cms 1.0.4
Limbo Cms Limbo Cms 1.0.4.2
1 EDB exploit
NA
CVE-2006-1662
The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote malicious users to execute arbitrary PHP commands via the Itemid parameter in index.php.
Limbo Cms Limbo Cms 1.0.4.1
Limbo Cms Limbo Cms 1.0.4.2
2 EDB exploits
NA
CVE-2008-4356
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote malicious users to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting mo...
Kasseler-cms Kasseler Cms 1.1.0
Kasseler-cms Kasseler Cms 1.2.0
1 EDB exploit
NA
CVE-2008-3088
Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote malicious users to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.
Kasseler-cms Kasseler Cms 1.3.0
Kasseler-cms Kasseler Cms 1.3.1
1 EDB exploit
NA
CVE-2006-2105
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote malicious users to read arbitrary files via ".." sequences terminated by a %00 (null) character in the n parameter.
Jupiter Cms Jupiter Cms 1.1.4
Jupiter Cms Jupiter Cms 1.1.5
NA
CVE-2010-2797
Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple prior to 1.8.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the default_cms_lang parameter to an admin script, as demonstrated by admin/addboo...
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.2.1
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.0.3
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.2.2
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.5.4
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.6.1
Cmsmadesimple Cms Made Simple 1.6.2
Cmsmadesimple Cms Made Simple 1.0.8
Cmsmadesimple Cms Made Simple 1.0.7
Cmsmadesimple Cms Made Simple 1.0.6
Cmsmadesimple Cms Made Simple 1.0.4
Cmsmadesimple Cms Made Simple 1.0.5
NA
CVE-2012-6064
Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) prior to 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-201...
Cmsmadesimple Cms Made Simple 1.9.4
Cmsmadesimple Cms Made Simple 1.9.4.1
Cmsmadesimple Cms Made Simple 1.9
Cmsmadesimple Cms Made Simple 1.1.3.1
Cmsmadesimple Cms Made Simple 1.7
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.6.1
Cmsmadesimple Cms Made Simple 1.3
Cmsmadesimple Cms Made Simple 1.4
Cmsmadesimple Cms Made Simple 1.0.1
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 0.6.1
Cmsmadesimple Cms Made Simple 0.7
Cmsmadesimple Cms Made Simple 0.4
Cmsmadesimple Cms Made Simple 0.3.2
Cmsmadesimple Cms Made Simple 0.8.1
Cmsmadesimple Cms Made Simple 0.8.2
Cmsmadesimple Cms Made Simple 0.12
Cmsmadesimple Cms Made Simple 0.11.2
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.9.2
NA
CVE-2012-5450
Cross-site request forgery (CSRF) vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) 1.11.2 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that delete arbitrary files via the deld pa...
Cmsmadesimple Cms Made Simple 1.9.3
Cmsmadesimple Cms Made Simple 1.9.4
Cmsmadesimple Cms Made Simple 1.8.2
Cmsmadesimple Cms Made Simple 1.9
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.4
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.9.1
Cmsmadesimple Cms Made Simple 1.1.3
Cmsmadesimple Cms Made Simple 1.6.7
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.5
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.2.3
Cmsmadesimple Cms Made Simple 1.2.1
Cmsmadesimple Cms Made Simple 1.7.1
Cmsmadesimple Cms Made Simple 1.8.1
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 0.1
Cmsmadesimple Cms Made Simple 0.7.2
Cmsmadesimple Cms Made Simple 0.7.1
Cmsmadesimple Cms Made Simple 0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »