Runcms : Security Vulnerabilities, CVEs, Published In 2008
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config.php, different vectors than CVE-2006-0659. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
2.48%
Published
2008-07-28
Updated
2017-08-08
SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a listarticles action.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-05-05
Updated
2017-09-29
SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-03-31
Updated
2017-10-11
SQL injection vulnerability in the sections (Section) module in RunCMS allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle action.
Max CVSS
6.8
EPSS Score
0.09%
Published
2008-03-24
Updated
2017-09-29
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-02-21
Updated
2017-09-29
SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-01-10
Updated
2017-10-19
6 vulnerabilities found