Lucene search
+L

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2009-3785

Malware in sbrugna...

6.5CVSS6.4AI score0.00898EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-3776

Malware in sbrugna...

6.5CVSS6.4AI score0.00806EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 12:8 a.m.10 views

CVE-2009-3804

Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via 1 the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or 2 the topicid parameter...

6.5CVSS8.6AI score0.00806EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:52 p.m.9 views

CVE-2009-3813

Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the 1 forum parameter to modules/forum/post.php and possibly 2 forumid variable to modules/forum/class/class.permissions.php...

6.5CVSS8.6AI score0.00898EPSS
Exploits1References1
NVD
NVD
added 2009/10/27 4:30 p.m.17 views

CVE-2009-3814

Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/system/cache/bademails.php using the "Prohibited: Emails" action, and other unspecified filters...

6.5CVSS7.5AI score0.01068EPSS
Exploits1References1
NVD
NVD
added 2009/10/27 4:30 p.m.30 views

CVE-2009-3813

Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the 1 forum parameter to modules/forum/post.php and possibly 2 forumid variable to modules/forum/class/class.permissions.php...

6.5CVSS8.2AI score0.00898EPSS
Exploits1References2
Prion
Prion
added 2009/10/27 4:30 p.m.15 views

Design/Logic Flaw

RunCMS 2M1, when running with certain errorreporting levels, allows remote attackers to obtain sensitive information via 1 the op parameter to modules/contact/index.php or 2 uid parameter to userinfo.php, which leaks the installation path in an error message when these parameters are used in a ca...

5CVSS6.8AI score0.0114EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2009/10/27 4:30 p.m.20 views

Sql injection

Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via 1 the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or 2 the topicid parameter...

6.5CVSS8.8AI score0.00806EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2009/10/27 4:30 p.m.19 views

CVE-2009-3815

RunCMS 2M1, when running with certain errorreporting levels, allows remote attackers to obtain sensitive information via 1 the op parameter to modules/contact/index.php or 2 uid parameter to userinfo.php, which leaks the installation path in an error message when these parameters are used in a ca...

5CVSS6.2AI score0.0114EPSS
Exploits1References1
Prion
Prion
added 2009/10/27 4:30 p.m.20 views

Code injection

Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/system/cache/bademails.php using the "Prohibited: Emails" action, and other unspecified filters...

6.5CVSS8AI score0.01068EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2009/10/27 4:0 p.m.42 views

CVE-2009-3814

CVE-2009-3814 describes a static code injection in RunCMS 2M1. The vulnerability allows remote authenticated administrators to execute arbitrary PHP code through the ilter/Banningeature, demonstrated by modifying modules/system/cache/bademails.php via the "Prohibited: Emails" action and other u...

6.5CVSS7.5AI score0.01068EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2009/10/27 4:0 p.m.20 views

CVE-2009-3814

Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/system/cache/bademails.php using the "Prohibited: Emails" action, and other unspecified filters...

7.5AI score0.01068EPSS
Exploits1References1
Cvelist
Cvelist
added 2009/10/27 4:0 p.m.37 views

CVE-2009-3813

Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the 1 forum parameter to modules/forum/post.php and possibly 2 forumid variable to modules/forum/class/class.permissions.php...

8.2AI score0.00898EPSS
Exploits1References2
Cvelist
Cvelist
added 2009/10/27 4:0 p.m.21 views

CVE-2009-3804

Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via 1 the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or 2 the topicid parameter...

8.1AI score0.00806EPSS
Exploits1References2
CVE
CVE
added 2009/10/27 4:0 p.m.70 views

CVE-2009-3804

CVE-2009-3804 affects RunCMS 2M1, specifically the forum module (modules/forum/post.php) and related code (modules/forum/class/class.forumposts.php). The vulnerability involves multiple SQL injection paths where remote authenticated users can execute arbitrary SQL commands via (1) pid and (2) top...

6.5CVSS8.2AI score0.00806EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder