Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

phpcms vulnerabilities and exploits

(subscribe to this query)

6.1
CVSSv3
CVE-2021-40910
There is a reflective cross-site scripting (XSS) vulnerability in the PHPCMS V9.6.3 management side....
Phpcms Phpcms 9.6.3
NA
CVE-2004-1202
Cross-site scripting (XSS) vulnerability in parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to inject arbitrary web script or HTML via the file parameter....
Phpcms Phpcms 1.1.9Phpcms Phpcms 1.2Phpcms Phpcms 1.2.1
NA
CVE-2004-1203
parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web server's installation path....
Phpcms Phpcms 1.1.9Phpcms Phpcms 1.2.0Phpcms Phpcms 1.2.1
NA
CVE-2005-1840
Directory traversal vulnerability in class.layout_phpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows remote attackers to read or include arbitrary files, as demonstrated using a .. (dot dot) in the language parameter to parser.php....
Phpcms Phpcms 1.2.1Phpcms Phpcms 1.2.1 P12Phpcms Phpcms 1.2.1 Pl1Phpcms Phpcms 1.2.0
5.3
CVSSv3
CVE-2020-22200
Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to public_get_suggest_keyword....
Phpcms Phpcms 9.1.13
9.8
CVSSv3
CVE-2020-22199
SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php....
Phpcms Phpcms 2007
7.5
CVSSv3
CVE-2018-14940
PHPCMS 9 allows remote attackers to cause a denial of service (resource consumption) via large font_size, height, and width parameters in an api.php?op=checkcode request....
Phpcms Phpcms 9.0
NA
CVE-2011-0644
SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flash_upload.php....
Phpcms Phpcms 2008 2
4.8
CVSSv3
CVE-2019-10027
PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field on the personal information screen....
Phpcms Phpcms
9.8
CVSSv3
CVE-2020-22203
SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php....
Phpcms Phpcms 2008
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-34595CVE-2022-23713CVE-2022-21786hard-codedremote attackerscross-site request forgeryCVE-2022-2274CVE-2021-37839CVE-2022-26135
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook