Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
content management system vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-3791
Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_status.php, (3) item_detail.php, (4) item_modify.php, or (5) item_position.php i...
Cms-center Simple Web Content Management System 1.1
1 EDB exploit
4.3
CVSSv2
CVE-2006-4017
Cross-site scripting (XSS) vulnerability in the search module in Inter Network Marketing (INM) CMS G3 allows remote malicious users to inject arbitrary web script or HTML via the search_string parameter.
Inter Network Marketing Ag G3 Content Management System
7.5
CVSSv2
CVE-2003-1251
The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote malicious users to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the cod...
Nx N X Web Content Management System 2002 Prerelease1
2 EDB exploits
NA
CVE-2021-33371
A stored cross-site scripting (XSS) vulnerability in /nav_bar_action.php of Student Management System v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box.
Student Management System Project Student Management System 1.0
9
CVSSv2
CVE-2013-3444
The web framework in Cisco WAAS Software prior to 4.x and 5.x prior to 5.0.3e, 5.1.x prior to 5.1.1c, and 5.2.x prior to 5.2.1; Cisco ACNS Software 4.x and 5.x prior to 5.5.29.2; Cisco ECDS Software 2.x prior to 2.5.6; Cisco CDS-IS Software 2.x prior to 2.6.3.b50 and 3.1.x prior ...
Cisco Wide Area Application Services 4.1.1
Cisco Wide Area Application Services 4.1.3
Cisco Wide Area Application Services 4.1.5
Cisco Wide Area Application Services 4.1.7
Cisco Wide Area Application Services 4.3.5
Cisco Wide Area Application Services 4.3.1
Cisco Wide Area Application Services 4.3.3
Cisco Wide Area Application Services 5.0.3
Cisco Wide Area Application Services 5.0.1
Cisco Wide Area Application Services 4.2.1
Cisco Wide Area Application Services 4.2.3
Cisco Wide Area Application Services 4.4.3
Cisco Wide Area Application Services 4.4.7
Cisco Wide Area Application Services 4.4.5
Cisco Wide Area Application Services 4.4.1
Cisco Wide Area Application Services 5.1.1
Cisco Wide Area Application Services 5.2
Cisco Wide Area Application Services 4.0.1
Cisco Wide Area Application Services 4.0.3
Cisco Wide Area Application Services 4.0.19
Cisco Wide Area Application Services 4.0.21
Cisco Wide Area Application Services 4.0.9
7.5
CVSSv2
CVE-2002-0700
Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server (MCMS) 2001 allows malicious users to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDA...
Microsoft Content Management Server 2001
4.6
CVSSv2
CVE-2005-3474
The aries.sys driver in Sony First4Internet XCP DRM software hides any file, registry key, or process with a name that starts with "$sys$", which allows malicious users to hide activities on a system that uses XCP.
Sony First4internet Xcp Content Management
9
CVSSv2
CVE-2020-12873
An issue exists in Alfresco Enterprise Content Management (ECM) prior to 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running Alfresco.
Atlassian Alfresco Enterprise Content Management
1 Github repository
NA
CVE-2022-36193
SQL injection in School Management System 1.0 allows remote malicious users to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.
School Management System Project School Management System 1.0
1 Github repository
4
CVSSv2
CVE-2015-6362
The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allows remote authenticated users to bypass intended access restrictions and modify the configuration by leveraging the Monitor-Only role, aka Bug ID CSCuw42640.
Cisco Connected Grid Network Management System 3.0\\(0.35\\)
Cisco Connected Grid Network Management System 3.0\\(0.54\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »