Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lynxtechnology twonky server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-7171
Directory traversal vulnerability in Twonky Server 7.0.11 up to and including 8.5 allows remote malicious users to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all.
Lynxtechnology Twonky Server
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2018-7203
Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 up to and including 8.5 allows remote malicious users to inject arbitrary web script or HTML via the friendlyname parameter to rpc/set_all.
Lynxtechnology Twonky Server
1 EDB exploit
4.3
CVSSv2
CVE-2018-9177
Twonky Server prior to 8.5.1 has XSS via a folder name on the Shared Folders screen.
Lynxtechnology Twonky Server
4.3
CVSSv2
CVE-2018-9182
Twonky Server prior to 8.5.1 has XSS via a modified "language" parameter in the Language section.
Lynxtechnology Twonky Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started