xcms xcms vulnerabilities and exploits
CVE-2007-6652 (CVSSv2: 7.5)
cpie.php in XCMS 1.83 and previous versions sends a redirect to the web browser but does not exit, which allows remote malicious users to conduct direct static code injection attacks and execute arbitrary code via the testo_0 parameter in a cpie admin action to index.php, which w...
Xcms Xcms
1 EDB exploit
CVE-2007-5060 (CVSSv2: 4.3)
Cross-site request forgery (CSRF) vulnerability in the cpass functionality in an admin action in index.php in XCMS allows remote malicious users to change arbitrary passwords via certain password_ and rpassword_ parameters, possibly related to timestamp values.
Xcms Xcms
1 EDB exploit
CVE-2007-6604 (CVSSv2: 5)
Multiple directory traversal vulnerabilities in index.php in XCMS 1.82 and previous versions allow remote malicious users to read arbitrary files via a .. (dot dot) in (1) the s parameter to the admin page or (2) the pg parameter to an arbitrary module, as demonstrated by reading...
Xcms Xcms 1.82
1 EDB exploit
CVE-2007-3523 (CVSSv2: 6.4)
Multiple directory traversal vulnerabilities in Module/Galerie.php in XCMS 1.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) Ent or (2) Lang parameter.
Groupeclan.free.fr Xcms 1.1
1 EDB exploit