Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
neocrome seditio vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-6177
SQL injection vulnerability in system/core/users/users.profile.inc.php in Neocrome Seditio 1.10 and previous versions allows remote authenticated users to execute arbitrary SQL commands via a double-url-encoded id parameter to users.php that begins with a valid filename, as demon...
Neocrome Seditio
1 EDB exploit
6.8
CVSSv2
CVE-2006-6343
SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Neocrome Seditio
1 EDB exploit
7.5
CVSSv2
CVE-2006-6344
Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and previous versions have unknown impact and attack vectors related to (1) plugins/ipsearch/ipsearch.admin.php, and (2) pfs/pfs.edit.inc.php, (3) users/users.register.inc.php in system/core. NOTE: the users.profile.in...
Neocrome Seditio
2.6
CVSSv2
CVE-2012-5914
Multiple cross-site scripting (XSS) vulnerabilities in the sed_import function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote malicious users to inject arbitrary web script or HTML via the (1) newmsg or (2) rtext parameter. NOTE: some of these details ...
Neocrome Seditio -
5
CVSSv2
CVE-2012-5915
Neocrome Seditio build 161 and previous versions allows remote malicious users to obtain sensitive information via direct request to (1) view.php, (2) plugins/contact/lang/contact.en.lang.php, (3) system/lang/en/main.lang.php, (4) system/lang/en/message.lang.php, or (5) system/co...
Neocrome Seditio -
5
CVSSv2
CVE-2012-5916
Neocrome Seditio build 161 allows remote malicious users to obtain sensitive information via a direct request to (1) docs/new/seditio-createnew-160.sql, (2) docs/upgrade/sedito_convert_to_utf8.optional.sql, or (3) system/install/install.parser.sql.
Neocrome Seditio -
6.5
CVSSv2
CVE-2007-4057
Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and previous versions allows remote authenticated users to upload arbitrary PHP code via a filename ending with (1) .php.gif, (2) .php.jpg, or (3) .php.png.
Neocrome Seditio
1 EDB exploit
6.8
CVSSv2
CVE-2007-6202
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.
Neocrome Seditio
1 EDB exploit
7.5
CVSSv2
CVE-2009-1411
SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the c parameter to plug.php.
Neocrome Seditio 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2006-2634
Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote malicious users to inject arbitrary web script or HTML via an HTTP Referer field.
Neocrome Seditio 102
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »