Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
magpierss vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-28941
Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpie_debug.php or /scripts/magpie_simple.php page, it's possible to request any internal page if you use a https request.
Magpierss Project Magpierss 0.72
668
VMScore
CVE-2021-28940
Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. This creates an issue on the /scripts/magpie_debug.php and /scripts/magpie_simple.php page that if you send a specific ...
Magpierss Project Magpierss 0.72
440
VMScore
CVE-2005-3955
Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote malicious users to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (2) rss_ur...
Blogbuddies Blogbuddies 0.3
Jaws Jaws 0.6.2
Magpierss Magpierss 7.1
2 EDB exploits
445
VMScore
CVE-2006-4735
Kellan Elliott-McCrea MagpieRSS allows remote malicious users to obtain sensitive information via a direct request for (1) rss_fetch.inc.php or (2) rss_parse.inc.php, which reveals the path in various error messages.
Kellan Elliott-mccrea Magpierss
435
VMScore
CVE-2011-0740
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the rss_url parameter.
Pleer Rss Feed Reader 0.1
1 EDB exploit
755
VMScore
CVE-2005-3330
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote malicious users to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not proper...
Snoopy Snoopy 1.2
1 EDB exploit
440
VMScore
CVE-2007-2337
Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS 0.96.6 Alpha and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (b) magpie_simple.php in external/magpierss/scripts/, t...
Oicgroup Exponent Cms 0.94
Oicgroup Exponent Cms
Oicgroup Exponent Cms 0.96.5
Oicgroup Exponent Cms 0.96.4
Oicgroup Exponent Cms 0.96.3
Oicgroup Exponent Cms 0.96.1
Oicgroup Exponent Cms 0.95
2 EDB exploits
383
VMScore
CVE-2018-20171
An issue exists in Nagios XI prior to 5.5.8. The url parameter of rss_dashlet/magpierss/scripts/magpie_simple.php is not filtered, resulting in an XSS vulnerability.
Nagios Nagios Xi
383
VMScore
CVE-2018-20172
An issue exists in Nagios XI prior to 5.5.8. The rss_url parameter of rss_dashlet/magpierss/scripts/magpie_slashbox.php is not filtered, resulting in an XSS vulnerability.
Nagios Nagios Xi
231
VMScore
CVE-2010-2852
Cross-site scripting (XSS) vulnerability in modules/headlines/magpierss/scripts/magpie_debug.php in RunCms 2.1, when the Headlines module is enabled, allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Runcms Runcms 2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »