Page 3 of 14 results (0.002 seconds)

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 3

SQL injection vulnerability in pmlite.php in RunCMS 1.2 and 1.3a allows remote attackers to execute arbitrary SQL commands via the to_userid parameter. Vulnerabilidad de inyección de SQL en pmlite.php en RunCMS 1.2 y 1.3a permite a atacantes remotos ejecutar órdenes SQL de su elección mediante el parámetro "to_userid". • https://www.exploit-db.com/exploits/27226 http://hamid.ir/security/runcms.txt http://secunia.com/advisories/18831 http://securitytracker.com/id?1015626 http://www.runcms.org/public/modules/forum/viewtopic.php?topic_id=4003&forum=18 http://www.securityfocus.com/archive/1/425293/100/0/threaded http://www.securityfocus.com/bid/16652 http://www.vupen.com/english/advisories/2006/0572 https://exchange.xforce.ibmcloud.com/vulnerabilities/24676 •

CVSS: 6.8EPSS: 11%CPEs: 3EXPL: 4

Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and earlier, with register_globals and allow_url_fopen enabled, allow remote attackers to execute arbitrary code via the bbPath[path] parameter in (1) class.forumposts.php and (2) forumpollrenderer.php. • https://www.exploit-db.com/exploits/1485 http://retrogod.altervista.org/runcms_13a_xpl.html http://secunia.com/advisories/18800 http://www.securityfocus.com/archive/1/424708 http://www.securityfocus.com/bid/16578 http://www.vupen.com/english/advisories/2006/0503 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1

Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) addquery and (2) subquery parameters to the newbb plus module, the forum parameter to (3) newtopic.php, (4) edit.php, or (5) reply.php in the newbb plus module, or (6) the msg_id parameter to print.php in the messages module. • http://secunia.com/advisories/16514 http://www.gulftech.org/?node=research&article_id=00094-08192005 •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0

includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code. • http://secunia.com/advisories/16514 http://www.gulftech.org/?node=research&article_id=00094-08192005 •