Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
articles vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0480
Cross-site scripting (XSS) vulnerability in the Articles module in sPaiz-Nuke allows remote malicious users to inject arbitrary web script or HTML via the query parameter in the search file.
Spaiz Spaiz-nuke Cms 0
1 EDB exploit
NA
CVE-2006-1350
PHP remote file include vulnerability in index.php in 99Articles.com (aka ArticlesOne.com) Free articles directory allows remote malicious users to include and execute arbitrary PHP code via a URL in the page parameter.
Articlesone 99articles Directory
4.3
CVSSv3
CVE-2020-20943
A Cross-Site Request Forgery (CSRF) in /member/post.php?job=postnew&step=post of Qibosoft v7 allows malicious users to force victim users into arbitrarily publishing new articles via a crafted URL.
Qibosoft Qibosoft 7.0
6.5
CVSSv3
CVE-2020-20343
WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows malicious users to arbitrarily add articles in the administrator background.
Wtcms Project Wtcms 1.0
9.8
CVSSv3
CVE-2020-10243
An issue exists in Joomla! prior to 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype.
Joomla Joomla\\!
6.5
CVSSv3
CVE-2023-29868
Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions.
Zammad Zammad
6.1
CVSSv3
CVE-2023-24369
A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows malicious users to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function.
Ujcms Ujcms
NA
CVE-2009-3945
Unspecified vulnerability in the Front-End Editor in the com_content component in Joomla! prior to 1.5.15 allows remote authenticated users, with Author privileges, to replace the articles of an arbitrary user via unknown vectors.
Joomla Joomla\\! 1.5.13
Joomla Joomla\\! 1.5.12
Joomla Joomla\\! 1.5.4
Joomla Joomla\\! 1.5.3
Joomla Joomla\\!
Joomla Joomla\\! 1.5.6
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.11
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.1
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.8
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.0
NA
CVE-2013-3081
SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo prior to 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/.
Jojocms Jojo-cms
Jojocms Jojo-cms 1.2
Jojocms Jojo-cms 1.1
1 EDB exploit
NA
CVE-2006-3103
Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) error parameter in users/login.php and the (2) feedback parameter in articles/index.php.
Bitweaver Bitweaver 1.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »