Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thinksaas vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-15129
ThinkSAAS through 2018-07-25 has XSS via the index.php?app=article&ac=comment&ts=do content parameter.
Thinksaas Thinksaas
7.5
CVSSv2
CVE-2020-35337
ThinkSAAS prior to 3.38 contains a SQL injection vulnerability through app/topic/action/admin/topic.php via the title parameter, which allows remote malicious users to execute arbitrary SQL commands.
Thinksaas Thinksaas
3.5
CVSSv2
CVE-2018-15130
ThinkSAAS through 2018-07-25 has XSS via the index.php?app=group&ac=create&ts=do groupdesc parameter.
Thinksaas Thinksaas
3.5
CVSSv2
CVE-2019-16664
An issue exists in ThinkSAAS 2.91. There is XSS via the index.php?app=group&ac=create&ts=do groupname parameter.
Thinksaas Thinksaas 2.91
4.3
CVSSv2
CVE-2019-16665
An issue exists in ThinkSAAS 2.91. There is XSS via the content to the index.php?app=group&ac=comment&ts=do&js=1 URI, as demonstrated by a crafted SVG document in the SRC attribute of an EMBED element.
Thinksaas Thinksaas 2.91
5
CVSSv2
CVE-2020-18741
Improper Authorization in ThinkSAAS v2.7 allows remote malicious users to modify the description of any user's photo via the "photoid%5B%5D" and "photodesc%5B%5D" parameters in the component "index.php?app=photo."
Thinksaas Thinksaas 2.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started