Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pixelpost pixelpost vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1104
Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the showimage parameter in index.php; and the (2) USER_AGENT, (3) HTTP_REFERER, and (4) HTTP_HOST HTTP header fields as used...
Pixelpost Pixelpost 1.5 Beta1
Pixelpost Pixelpost 1.4.3
NA
CVE-2006-1105
Pixelpost 1.5 beta 1 and previous versions allows remote malicious users to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagu...
Pixelpost Pixelpost 1.4.3
Pixelpost Pixelpost 1.5 Beta1
NA
CVE-2006-1106
Cross-site scripting (XSS) vulnerability in Pixelpost 1.5 beta 1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) message, (2) name, (3) url, and (4) email parameters when commenting on a post. NOTE: the vendor has disputed so...
Pixelpost Pixelpost 1.4.3
Pixelpost Pixelpost 1.5 Beta1
NA
CVE-2006-2889
Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and previous versions allow remote malicious users to execute arbitrary SQL commands, and leverage them to gain administrator privileges, via the (1) category or (2) archivedate parameter.
Pixelpost Pixelpost
1 EDB exploit
6.1
CVSSv3
CVE-2018-0605
Cross-site scripting vulnerability in Pixelpost v1.7.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Pixelpost Pixelpost
8.8
CVSSv3
CVE-2010-3305
Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote malicious users to change the admin password.
Pixelpost Pixelpost 1.7.3
NA
CVE-2011-3792
Pixelpost 1.7.3 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/functions_feeds.php and certain other files.
Pixelpost Pixelpost 1.7.3
NA
CVE-2008-0358
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote malicious users to execute arbitrary SQL commands via the parent_id parameter.
Pixelpost Pixelpost 1.7
1 EDB exploit
NA
CVE-2006-2890
Pixelpost 1-5rc1-2 and previous versions, when register_globals is enabled, allows remote malicious users to gain administrator privileges and conduct other attacks by setting the _SESSION["pixelpost_admin"] parameter to 1 in calls to admin scripts such as admin/view_in...
Pixelpost Pixelpost 1.5 Rc1
NA
CVE-2006-2891
Cross-site scripting (XSS) vulnerability in admin/index.php for Pixelpost 1-5rc1-2 and previous versions allows remote malicious users to inject arbitrary HTML or web script via the loginmessage parameter.
Pixelpost Pixelpost 1.5 Rc1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »