Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tianti project tianti 2.3 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-19090
tianti 2.3 has stored XSS in the article management module via an article title.
Tianti Project Tianti 2.3
3.5
CVSSv2
CVE-2018-19089
tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/save_role name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\user_list.jsp.
Tianti Project Tianti 2.3
3.5
CVSSv2
CVE-2018-19091
tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter.
Tianti Project Tianti 2.3
6.5
CVSSv2
CVE-2018-19109
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column.
Tianti Project Tianti 2.3
4
CVSSv2
CVE-2018-19110
The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an a...
Tianti Project Tianti 2.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started