Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
articles vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-19037
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies.
Halo Halo 0.4.3
383
VMScore
CVE-2020-21321
emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows malicious users to arbitrarily add articles.
Emlog Emlog 6.0.0
755
VMScore
CVE-2007-5305
Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (c) espaceperso.php, (d) ...
Yannick Tanguy Else If Cms 0.6-beta
1 EDB exploit
312
VMScore
CVE-2018-12429
JEESNS up to and including 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.
Jeesns Jeesns
436
VMScore
CVE-2019-8902
An issue exists in idreamsoft iCMS up to and including 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI.
Idreamsoft Icms
516
VMScore
CVE-2019-9051
An issue exists in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete articles via a /admin.php?action=deletepage&var1= URI.
Pluck-cms Pluck 4.7.9
668
VMScore
CVE-2006-1555
VSNS Lemon 3.2.0 allows remote malicious users to bypass authentication and access password-protected articles by setting the vsns[topic_id] cookie to the targeted topic.
Tachyon Vsns Lemon 3.2.0
445
VMScore
CVE-2021-41564
Tad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers can use special parameters to delete articles arbitrarily without logging in.
Tad Honor Project Tad Honor
605
VMScore
CVE-2008-1533
Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote malicious users to perform unauthorized article operations on articles via unknown vectors.
Joomla Joomla
NA
CVE-2023-29638
Cross Site Scripting (XSS) vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows malicious users to inject arbitrary web script or HTML via editing blog articles.
Winterchen My-site
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »