Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pixelpost pixelpost vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-1104
Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the showimage parameter in index.php; and the (2) USER_AGENT, (3) HTTP_REFERER, and (4) HTTP_HOST HTTP header fields as used...
Pixelpost Pixelpost 1.5 Beta1
Pixelpost Pixelpost 1.4.3
4.3
CVSSv2
CVE-2006-1106
Cross-site scripting (XSS) vulnerability in Pixelpost 1.5 beta 1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) message, (2) name, (3) url, and (4) email parameters when commenting on a post. NOTE: the vendor has disputed so...
Pixelpost Pixelpost 1.4.3
Pixelpost Pixelpost 1.5 Beta1
5
CVSSv2
CVE-2006-1105
Pixelpost 1.5 beta 1 and previous versions allows remote malicious users to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagu...
Pixelpost Pixelpost 1.4.3
Pixelpost Pixelpost 1.5 Beta1
4.3
CVSSv2
CVE-2018-0605
Cross-site scripting vulnerability in Pixelpost v1.7.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Pixelpost Pixelpost
5.1
CVSSv2
CVE-2006-2889
Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and previous versions allow remote malicious users to execute arbitrary SQL commands, and leverage them to gain administrator privileges, via the (1) category or (2) archivedate parameter.
Pixelpost Pixelpost
1 EDB exploit
6.8
CVSSv2
CVE-2008-3365
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter.
Pixelpost Pixelpost 1.7.1
1 EDB exploit
6.8
CVSSv2
CVE-2010-3305
Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote malicious users to change the admin password.
Pixelpost Pixelpost 1.7.3
5.1
CVSSv2
CVE-2006-2890
Pixelpost 1-5rc1-2 and previous versions, when register_globals is enabled, allows remote malicious users to gain administrator privileges and conduct other attacks by setting the _SESSION["pixelpost_admin"] parameter to 1 in calls to admin scripts such as admin/view_in...
Pixelpost Pixelpost 1.5 Rc1
2.6
CVSSv2
CVE-2006-2891
Cross-site scripting (XSS) vulnerability in admin/index.php for Pixelpost 1-5rc1-2 and previous versions allows remote malicious users to inject arbitrary HTML or web script via the loginmessage parameter.
Pixelpost Pixelpost 1.5 Rc1
6.5
CVSSv2
CVE-2018-0604
Pixelpost v1.7.3 and previous versions allows remote code execution via unspecified vectors.
Pixelpost Pixelpost 1.7.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »