Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
content manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-0903
Multiple directory traversal vulnerabilities in AR Web Content Manager (AWCM) 2.2 allow remote malicious users to read arbitrary files and possibly have other unspecified impact via a .. (dot dot) in the (1) awcm_theme or (2) awcm_lang cookie to (a) index.php or (b) header.php.
Awcm-cms Ar Web Content Manager 2.2
1 EDB exploit
NA
CVE-2009-3218
SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
The-ghost Ar Web Content Manager 2.1
1 EDB exploit
NA
CVE-2009-3219
Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the a parameter.
The-ghost Ar Web Content Manager 2.1
1 EDB exploit
NA
CVE-2012-2438
ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote malicious users to cause a denial of service (disk consumption) via the coment parameter to (1) show_video.php or (2) topic.php.
Awcm-cms Ar Web Content Manager 2.2
NA
CVE-2012-2437
cookie_gen.php in ar web content manager (AWCM) 2.2 does not require authentication, which allows remote malicious users to generate arbitrary cookies via the name parameter in conjunction with the content parameter.
Awcm-cms Ar Web Content Manager 2.2
1 EDB exploit
8.8
CVSSv3
CVE-2016-2901
Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.5.0.0
Ibm Web Content Manager
NA
CVE-2006-5258
The spell checking component of (1) Asbru Web Content Management prior to 6.1.22, (2) Asbru Web Content Editor prior to 6.0.22, and (3) Asbru Website Manager prior to 6.0.22 allows remote malicious users to execute arbitrary commands via an unspecified parameter that is not sanit...
Asbru Software Asbru Website Manager 6.0.20
Asbru Software Asbru Web Content Management
Asbru Software Asbru Web Content Management 6.0
Asbru Software Asbru Web Content Management 6.1
Asbru Software Asbru Web Content Management 6.0.17
Asbru Software Asbru Web Content Management 6.1.19
NA
CVE-2013-6329
IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote malicious users to cause a denial of service via a crafted handshake during resumption of an SSLv2 session.
Ibm Security Access Manager For Web 6.1.1
Ibm Security Access Manager For Web 7.0
Ibm Content Manager Ondemand For Multiplatforms 9.0
Ibm Global Security Kit -
Ibm Content Manager Ondemand For Multiplatforms 8.5
Ibm Security Access Manager For Web 6.0
Ibm Security Access Manager For Web 6.1
NA
CVE-2011-0758
The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote malicious users to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a h...
Ca Etrust Secure Content Manager 8.0
Ca Gateway Security 8.1
NA
CVE-2011-2754
Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x prior to 7.0.0.1 CF006, as used in IBM Web Content Manager (WCM) and other products, allows remote malicious users to inject arbitrary web script or HTML via unspecif...
Ibm Websphere Portal 7.0.0.1
Ibm Web Content Manager
Ibm Websphere Portal 7.0.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »