Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
content management system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0466
Cross-site scripting (XSS) vulnerability in search.asp in Goldstag Content Management System allows remote malicious users to inject arbitrary web script or HTML via the text parameter.
Goldstag Goldstag Content Management System
6.1
CVSSv3
CVE-2016-6133
Cross-site scripting (XSS) vulnerability in Ektron Content Management System prior to 9.1.0.184SP3(9.1.0.184.3.127) allows remote malicious users to inject arbitrary web script or HTML via the rptStatus parameter in a Report action to WorkArea/SelectUserGroup.aspx.
Ektron Ektron Content Management System
NA
CVE-2007-1966
Session fixation vulnerability in eXV2 CMS 2.0.4.3 and previous versions allows remote malicious users to hijack web sessions by setting the PHPSESSID cookie.
Exv2 Content Management System 2.0.4.3
NA
CVE-2006-5626
Cross-site scripting (XSS) vulnerability in cms_images/js/htmlarea/htmlarea.php in phpFaber Content Management System (CMS) prior to 1.3.36 on 20061026 allows remote malicious users to inject arbitrary web script or HTML, probably via arbitrary parameters in the query string, as ...
Phpfaber Phpfaber Content Management System
1 EDB exploit
NA
CVE-2007-1907
PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2 allows remote malicious users to execute arbitrary PHP code via a URL in the file parameter.
Pathos Content Management System 0.92.2
1 EDB exploit
NA
CVE-2015-3624
Cross-site request forgery (CSRF) vulnerability in Test/WorkArea/DmsMenu/menuActions/MenuActions.aspx in Ektron Content Management System (CMS) prior to 9.10 SP1 (Build 9.1.0.184.1.120) allows remote malicious users to hijack the authentication of content administrators for reque...
Ektron Ektron Content Management System
1 EDB exploit
NA
CVE-2001-0418
content.pl script in NCM Content Management System allows remote malicious users to read arbitrary contents of the content database by inserting SQL characters into the id parameter.
Ncm Ncm Content Management System
1 EDB exploit
NA
CVE-2015-4427
Multiple cross-site scripting (XSS) vulnerabilities in Test/WorkArea/workarea.aspx in Ektron Content Management System (CMS) prior to 9.10 SP1 (Build 9.1.0.184.1.114) allow remote authenticated users to inject arbitrary web script or HTML via the (1) page, (2) action, (3) folder_...
Ektron Ektron Content Management System
NA
CVE-2006-6110
Multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech Content Management System product allow remote malicious users to execute arbitrary SQL commands via the (1) vjob parameter in publications_list.asp or (2) InfoID parameter in publication_view.asp.
Bpg-infotech Content Management System
8.8
CVSSv3
CVE-2022-3770
A vulnerability classified as critical was found in Yunjing CMS. This vulnerability affects unknown code of the file /index/user/upload_img.html. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...
Xjyunjing Yunjing Content Management System -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »