blog cms vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-39650
Theme Volty CMS Blog up to version v4.0.1 contains a SQL injection vulnerability via the id parameter at /tvcmsblog/single.
Themevolty Theme Volty Cms Blog
NA
CVE-2006-6035
Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the FADDR parameter.
F-art Agency Blog Cms
1 EDB exploit
5.4
CVSSv3
CVE-2018-18736
An XSS issue exists in catfish blog 2.0.33, related to "write source code."
Catfish-cms Catfish Blog 2.0.33
9.8
CVSSv3
CVE-2017-15983
MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
Geniusocean Mymagazine Magazine & Blog Cms 1.0
1 EDB exploit
NA
CVE-2006-4748
Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote malicious users to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin/plugins/NP_Log.php, and the (5) pitem parameter in (b) admin/plugins/NP_Po...
F-art Agency Blog Cms 4.1
9.8
CVSSv3
CVE-2022-28512
A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0. An attacker can inject a query in "/fantasticblog/single.php" via the "id=5" parameter.
Fantastic Blog Project Fantastic Blog 1.0
1 Github repository
6.1
CVSSv3
CVE-2021-26224
Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote malicious users to inject arbitrary web script or HTML via the search field to search.php.
Fantastic Blog Project Fantastic Blog 1.0
NA
CVE-2006-6771
Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the (1) GLOBALS[PTH][func] parameter in (a) scripts/gallery.scr.php; the (2) GLO...
Irokez Irokez Cms
2 EDB exploits
8.8
CVSSv3
CVE-2022-1064
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms before 5.11.1.
Fork-cms Fork Cms
4.8
CVSSv3
CVE-2018-19902
No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter.
No-cms Project No-cms 1.1.3