Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
genixcms vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2022-24563
In Genixcms v1.1.11, a stored Cross-Site Scripting (XSS) vulnerability exists in /gxadmin/index.php?page=themes&view=options" via the intro_title and intro_image parameters.
Metalgenix Genixcms 1.1.11
578
VMScore
CVE-2017-5345
SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default URI.
Metalgenix Genixcms 0.0.8
578
VMScore
CVE-2017-5347
SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to gxadmin/index.php.
Metalgenix Genixcms 0.0.8
383
VMScore
CVE-2018-14476
GeniXCMS 1.1.5 has XSS via the dbuser or dbhost parameter during step 1 of installation.
Metalgenix Genixcms 1.1.5
435
VMScore
CVE-2015-5066
Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) content or (2) title field in an add action in the posts page to index.php or the (3) q parameter in the posts page...
Metalgenix Genixcms 0.0.3
1 EDB exploit
605
VMScore
CVE-2020-10057
GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which "token" is used as a CSRF protection mechanism, but without validation that "token" is associated...
Metalgenix Genixcms 1.1.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4