CPE-BD3E4142-71FF-468E-9A93-51A9CB02FA83 Detail

CPE Details

TextPattern CMS 4.0.5

Vendor

textpattern

Product

textpattern

Version

4.0.5

Created

2008-12-19
13h53 +00:00

Modified

2010-10-13
00h38 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:textpattern:textpattern:4.0.5:::::::*

Informations

Vendor

textpattern

Product

textpattern

Version

4.0.5

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-26852	2023-04-12 00h00 +00:00	An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows attackers to execute arbitrary code by uploading a crafted PHP file.	7.2	High
CVE-2021-40642	2022-06-29 08h25 +00:00	Textpattern CMS v4.8.7 and older vulnerability exists through Sensitive Cookie in HTTPS Session Without 'Secure' Attribute via textpattern/lib/txplib_misc.php. The secure flag is not set for txp_login session cookie in the application. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site.	4.3	Medium
CVE-2018-7474	2018-03-14 13h00 +00:00	An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php.	9.8	Critical
CVE-2014-4737	2014-10-10 12h00 +00:00	Cross-site scripting (XSS) vulnerability in Textpattern CMS before 4.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to setup/index.php.	4.3
CVE-2008-5757	2008-12-30 18h00 +00:00	Cross-site scripting (XSS) vulnerability in textarea/index.php in Textpattern (aka Txp CMS) 4.0.6 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Body parameter in an article action. NOTE: some of these details are obtained from third party information.	3.5
CVE-2008-5668	2008-12-18 20h00 +00:00	Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (aka Txp CMS) 4.0.5 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to setup/index.php or (2) the name parameter to index.php in the comments preview section.	4.3
CVE-2008-5669	2008-12-18 20h00 +00:00	index.php in the comments preview section in Textpattern (aka Txp CMS) 4.0.5 allows remote attackers to cause a denial of service via a long message parameter.	5
CVE-2008-5670	2008-12-18 20h00 +00:00	Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session.	6.8

TextPattern CMS 4.0.5

CPE Details

CPE Name: cpe:2.3:a:textpattern:textpattern:4.0.5:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:textpattern:textpattern:4.0.5:::::::*