Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
textpattern textpattern vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5670
Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote malicious users to change a password after hijacking a session.
Textpattern Textpattern 4.0.5
4.8
CVSSv3
CVE-2020-35854
Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
Textpattern Textpattern 4.8.4
5.4
CVSSv3
CVE-2021-28002
A persistent cross-site scripting vulnerability exists in the Excerpt parameter in Textpattern CMS 4.9.0 which allows remote malicious users to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting the 'Arti...
Textpattern Textpattern 4.9.0
NA
CVE-2010-3205
PHP remote file inclusion vulnerability in index.php in Textpattern CMS 4.2.0 allows remote malicious users to execute arbitrary PHP code via a URL in the inc parameter.
Textpattern Textpattern 4.2.0
1 EDB exploit
NA
CVE-2011-5019
Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote malicious users to inject arbitrary web script or HTML via the ddb parameter.
Textpattern Textpattern 4.4.1
1 EDB exploit
NA
CVE-2006-5615
PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter.
Textpattern Textpattern 1.19
1 EDB exploit
6.5
CVSSv3
CVE-2021-30209
Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3