Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
genixcms vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2017-14764
In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module.
Genixcms Genixcms 1.1.4
312
VMScore
CVE-2017-8376
GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that is mishandled during a mouse operation by an administrator.
Genixcms Genixcms 1.0.2
578
VMScore
CVE-2017-8377
GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.control.php via the menuid parameter.
Genixcms Genixcms 1.0.2
445
VMScore
CVE-2017-8388
GeniXCMS 1.0.2 allows remote malicious users to bypass the alertDanger MSG_USER_EMAIL_EXIST protection mechanism via a register.php?act=edit&id=1 request.
Genixcms Genixcms 1.0.2
383
VMScore
CVE-2017-14762
In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter.
Genixcms Genixcms 1.1.4
312
VMScore
CVE-2017-8762
GeniXCMS 1.0.2 has XSS triggered by an authenticated user who submits a page, as demonstrated by a crafted oncut attribute in a B element.
Genixcms Genixcms 1.0.2
312
VMScore
CVE-2017-8780
GeniXCMS 1.0.2 has XSS triggered by a comment that is mishandled during a publish operation by an administrator, as demonstrated by a malformed P element.
Genixcms Genixcms 1.0.2
383
VMScore
CVE-2017-17431
GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, term, to, or token parameter. NOTE: this might overlap CVE-2017-14761, CVE-2017-14762, or CVE-2017-14765.
Genixcms Genixcms 1.1.5
312
VMScore
CVE-2017-5515
Cross-site scripting (XSS) vulnerability in the user prompt function in GeniXCMS up to and including 0.0.8 allows remote authenticated users to inject arbitrary web script or HTML via tag names.
Metalgenix Genixcms
383
VMScore
CVE-2017-5516
Multiple cross-site scripting (XSS) vulnerabilities in the user forms in GeniXCMS up to and including 0.0.8 allow remote malicious users to inject arbitrary web script or HTML via crafted parameters.
Metalgenix Genixcms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »