Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ismail tasdelen vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-35437
Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.
Intelliants Subrion Cms 4.2.1
4.8
CVSSv3
CVE-2018-18416
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the site_name parameter to the admin/settings/update URI.
Pokkho Lango 1.0
1 EDB exploit
6.1
CVSSv3
CVE-2019-9553
Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933.
Boltcms Bolt 3.6.4
1 EDB exploit
8.8
CVSSv3
CVE-2018-15884
RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.
Ricoh Mp C4504ex Firmware -
1 EDB exploit
6.1
CVSSv3
CVE-2018-15740
Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the "Workflow Delegation" "Requester Roles" screen.
Zohocorp Manageengine Admanager Plus 6.5.7
1 EDB exploit
6.1
CVSSv3
CVE-2018-15608
Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen.
Manageengine Admanager Plus 6.5.7
1 EDB exploit
6.1
CVSSv3
CVE-2018-18308
In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ (aka the image upload area).
Bigtreecms Bigtree Cms 4.2.23
1 EDB exploit
5.4
CVSSv3
CVE-2018-18419
Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1, as demonstrated by a .jpg filename to the /account URI.
Ardawan User Management 1.1
1 EDB exploit
6.1
CVSSv3
CVE-2018-17310
On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Mp C1803 Jpn Firmware -
1 EDB exploit
6.1
CVSSv3
CVE-2018-17313
On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Mp C307 Firmware -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »