Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cms vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2006-1662
The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote malicious users to execute arbitrary PHP commands via the Itemid parameter in index.php.
Limbo Cms Limbo Cms 1.0.4.1
Limbo Cms Limbo Cms 1.0.4.2
2 EDB exploits
755
VMScore
CVE-2008-4356
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote malicious users to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting mo...
Kasseler-cms Kasseler Cms 1.1.0
Kasseler-cms Kasseler Cms 1.2.0
1 EDB exploit
755
VMScore
CVE-2006-3478
PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the domain parameter.
Myphp Cms Myphp Cms 0.3
Myphp Cms Myphp Cms 0.3.1
1 EDB exploit
445
VMScore
CVE-2006-2105
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote malicious users to read arbitrary files via ".." sequences terminated by a %00 (null) character in the n parameter.
Jupiter Cms Jupiter Cms 1.1.4
Jupiter Cms Jupiter Cms 1.1.5
645
VMScore
CVE-2006-2142
PHP remote file inclusion vulnerability in classes/adodbt/sql.php in Limbo CMS 1.04 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the classes_dir parameter.
Limbo Cms Limbo Cms 1.0.4
Limbo Cms Limbo Cms 1.0.4.2
1 EDB exploit
435
VMScore
CVE-2008-3088
Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote malicious users to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.
Kasseler-cms Kasseler Cms 1.3.0
Kasseler-cms Kasseler Cms 1.3.1
1 EDB exploit
755
VMScore
CVE-2007-4808
Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to news.php in a lirenews action, (2) the idnews parameter to goodies.php in a lire action, (3) the id parameter to file.php in a voir act...
Tlm Cms Tlm Cms 3.2
Tlm Cms Tlm Cms 1.1
1 EDB exploit
668
VMScore
CVE-2010-2797
Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple prior to 1.8.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the default_cms_lang parameter to an admin script, as demonstrated by admin/addboo...
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.2.1
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.0.3
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.2.2
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.5.4
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.6.1
Cmsmadesimple Cms Made Simple 1.6.2
Cmsmadesimple Cms Made Simple 1.0.8
Cmsmadesimple Cms Made Simple 1.0.7
Cmsmadesimple Cms Made Simple 1.0.6
Cmsmadesimple Cms Made Simple 1.0.4
Cmsmadesimple Cms Made Simple 1.0.5
312
VMScore
CVE-2012-6064
Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) prior to 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-201...
Cmsmadesimple Cms Made Simple 1.9.4
Cmsmadesimple Cms Made Simple 1.9.4.1
Cmsmadesimple Cms Made Simple 1.9
Cmsmadesimple Cms Made Simple 1.1.3.1
Cmsmadesimple Cms Made Simple 1.7
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.6.1
Cmsmadesimple Cms Made Simple 1.3
Cmsmadesimple Cms Made Simple 1.4
Cmsmadesimple Cms Made Simple 1.0.1
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 0.6.1
Cmsmadesimple Cms Made Simple 0.7
Cmsmadesimple Cms Made Simple 0.4
Cmsmadesimple Cms Made Simple 0.3.2
Cmsmadesimple Cms Made Simple 0.8.1
Cmsmadesimple Cms Made Simple 0.8.2
Cmsmadesimple Cms Made Simple 0.12
Cmsmadesimple Cms Made Simple 0.11.2
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.9.2
605
VMScore
CVE-2012-5450
Cross-site request forgery (CSRF) vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) 1.11.2 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that delete arbitrary files via the deld pa...
Cmsmadesimple Cms Made Simple 1.9.3
Cmsmadesimple Cms Made Simple 1.9.4
Cmsmadesimple Cms Made Simple 1.8.2
Cmsmadesimple Cms Made Simple 1.9
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.4
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.9.1
Cmsmadesimple Cms Made Simple 1.1.3
Cmsmadesimple Cms Made Simple 1.6.7
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.5
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.2.3
Cmsmadesimple Cms Made Simple 1.2.1
Cmsmadesimple Cms Made Simple 1.7.1
Cmsmadesimple Cms Made Simple 1.8.1
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 0.1
Cmsmadesimple Cms Made Simple 0.7.2
Cmsmadesimple Cms Made Simple 0.7.1
Cmsmadesimple Cms Made Simple 0.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »