Known Vulnerabilities for products from Toenda Software Development

Listed below are 10 of the newest known vulnerabilities associated with the vendor "Toenda Software Development".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2007-1872 json Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 allows remote attackers to inject arbitrary web script or HTML vi... Not Provided 2007-04-13 2026-04-23
CVE-2006-4349 json ** DISPUTED ** PHP remote file inclusion vulnerability in ToendaCMS 1.0.3 and earlier allows remote attackers to execute arb... 7.5 - HIGH 2006-08-24 2023-11-07
CVE-2006-4016 json Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS stable 1.0.3 and earlier, and unstable 1.1 and earlier, a... 4.3 - MEDIUM 2006-08-07 2011-03-08
CVE-2006-3362 json Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklo... 5.1 - MEDIUM 2006-07-06 2018-10-18
CVE-2006-2799 json Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote attackers to inject arbitrary... 6.8 - MEDIUM 2006-06-03 2017-07-20
CVE-2005-4422 json Unrestricted file upload vulnerability in toendaCMS before 0.6.2 Stable allows remote authenticated administrators to execute... Not Provided 2005-12-20 2025-04-03
CVE-2005-4353 json SQL injection vulnerability in index.php in toendaCMS 0.6.2.1, when configured to use a SQL database, allows remote attackers... Not Provided 2005-12-20 2025-04-03
CVE-2005-4277 json Cross-site scripting (XSS) vulnerability in index.php in toendaCMS before 0.7 Beta allows remote attackers to inject arbitrar... Not Provided 2005-12-16 2025-04-03
CVE-2005-3551 json toendaCMS before 0.6.2 stores user account and session data in the web root directory, which allows remote attackers to obtai... Not Provided 2005-11-16 2025-04-03
CVE-2005-3550 json Directory traversal vulnerability in admin.php in toendaCMS before 0.6.2 allows remote attackers to access arbitrary files vi... Not Provided 2005-11-16 2025-04-03
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report