Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webedition webedition cms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-2302
The installer script in webEdition CMS prior to 6.2.7-s1 and 6.3.x prior to 6.3.8-s1 allows remote malicious users to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org.
Webedition Webedition Cms 6.2.7.0
Webedition Webedition Cms
Webedition Webedition Cms 6.3.8
7.5
CVSSv2
CVE-2014-2303
Multiple SQL injection vulnerabilities in the file browser component (we_fs.php) in webEdition CMS prior to 6.2.7-s1.2 and 6.3.x up to and including 6.3.8 before -s1 allow remote malicious users to execute arbitrary SQL commands via the (1) table or (2) order parameter.
Webedition Webedition Cms 6.3.8.0
Webedition Webedition Cms 6.3.3.0
Webedition Webedition Cms 6.2.7.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-4154
SQL injection vulnerability in living-e webEdition CMS allows remote malicious users to execute arbitrary SQL commands via the we_objectID parameter.
Living-e Webedition Cms
1 EDB exploit
4
CVSSv2
CVE-2014-5258
Directory traversal vulnerability in showTempFile.php in webEdition CMS prior to 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.
Webedition Webedition Cms
1 EDB exploit
NA
CVE-2024-28417
Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/we_cmd.php.
NA
CVE-2024-28418
Webedition CMS 9.2.2.0 has a File upload vulnerability via /webEdition/we_cmd.php
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started