Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpecho cms phpecho cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0355
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866.
Phpecho Cms Phpecho Cms
1 EDB exploit
NA
CVE-2007-3335
Multiple SQL injection vulnerabilities in the admin panel in PHPEcho CMS prior to 1.6 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Phpecho Cms Phpecho Cms
NA
CVE-2007-2866
Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter and possibly other parameters. NOTE: some of these details are obtained fro...
Phpecho Cms Phpecho Cms
NA
CVE-2007-1988
Cross-site scripting (XSS) vulnerability in kernel/filters.inc.php in PHPEcho CMS 2.0 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Phpecho Cms Phpecho Cms 2.0
NA
CVE-2007-1987
Multiple PHP remote file inclusion vulnerabilities in PHPEcho CMS 2.0 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) _plugin_file parameter to smarty/internals/core.load_pulgins.php or the (2) root_path parameter to index.php. NOTE: CVE disputes (...
Phpecho Cms Phpecho Cms 2.0
NA
CVE-2009-2401
Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows remote malicious users to inject arbitrary web script or HTML via a forum post.
Phpecho Cms Phpecho Cms 2.0-rc3
1 EDB exploit
NA
CVE-2009-2402
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355.
Phpecho Cms Phpecho Cms 2.0-rc3
1 EDB exploit
NA
CVE-2008-7034
PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote malicious users to execute arbitrary PHP code via a URL in unspecified vectors that modify the _smarty_compile_path variable in the fetch function.
Tigran Abrahamyan Phpecho Cms 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started