Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
textpattern vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2018-7474
An issue exists in Textpattern CMS 4.6.2 and previous versions. It is possible to inject SQL code in the variable "qty" on the page index.php.
Textpattern Textpattern
1 EDB exploit
755
VMScore
CVE-2010-3205
PHP remote file inclusion vulnerability in index.php in Textpattern CMS 4.2.0 allows remote malicious users to execute arbitrary PHP code via a URL in the inc parameter.
Textpattern Textpattern 4.2.0
1 EDB exploit
755
VMScore
CVE-2006-5615
PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter.
Textpattern Textpattern 1.19
1 EDB exploit
694
VMScore
CVE-2018-1000090
textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources. This attack appear to be exploitable via Uploading a specially crafted XML file.
Textpattern Textpattern 4.6.2
668
VMScore
CVE-2020-19510
Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.
Textpattern Textpattern 4.7.3
605
VMScore
CVE-2020-29458
Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.
Textpattern Textpattern 4.6.2
605
VMScore
CVE-2008-5670
Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote malicious users to change a password after hijacking a session.
Textpattern Textpattern 4.0.5
454
VMScore
CVE-2021-44082
textpattern 4.8.7 is vulnerable to Cross Site Scripting (XSS) via /textpattern/index.php,Body. A remote and unauthenticated attacker can use XSS to trigger remote code execution by uploading a webshell. To do so they must first steal the CSRF token before submitting a file upload...
Textpattern Textpattern 4.8.7
445
VMScore
CVE-2015-8032
In Textpattern 4.5.7, an unprivileged author can change an article's markup setting.
Textpattern Textpattern 4.5.7
445
VMScore
CVE-2015-8033
In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account.
Textpattern Textpattern 4.5.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »