Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
expressionengine vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-13443
ExpressionEngine prior to 5.3.2 allows remote malicious users to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type chec...
Expressionengine Expressionengine
5.4
CVSSv3
CVE-2017-1000160
EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting resulting in PHP code injection
Expressionengine Expressionengine 3.4.2
NA
CVE-2006-0461
Cross-site scripting (XSS) vulnerability in core.input.php in ExpressionEngine 1.4.1 allows remote malicious users to inject arbitrary web script or HTML via HTTP_REFERER (referer).
Pmachine Expressionengine 1.4.1
1 EDB exploit
NA
CVE-2011-4025
ExpressionEngine version 2.2.2 and CodeIgniter version 2.0.3 suffer from filter bypass and cross site scripting vulnerabilities.
9.8
CVSSv3
CVE-2024-0738
A vulnerability, which was classified as critical, has been found in ???? mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack may be initiated remotely...
Garethhk Mldong 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2