tim coen vulnerabilities and exploits

(subscribe to this query)

6.5

CVSSv3

Cross-site request forgery (CSRF) vulnerability in admin.php in Zenphoto prior to 1.4.9 allows remote malicious users to hijack the authentication of admin users for requests that may cause a denial of service (resource consumption).

Zenphoto Zenphoto

1 EDB exploit

6.1

CVSSv3

The sanitize_string function in ZenPhoto prior to 1.4.9 utilized the html_entity_decode function after input sanitation, which might allow remote malicious users to perform a cross-site scripting (XSS) via a crafted string.

Zenphoto Zenphoto

1 EDB exploit

7.2

CVSSv3

SQL injection vulnerability in Zenphoto prior to 1.4.9 allow remote administrators to execute arbitrary SQL commands.

Zenphoto Zenphoto

1 EDB exploit

6.1

CVSSv3

MoinMoin 1.9.8 allows remote malicious users to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=fckdialog&dialog=attachment (via pag...

Moinmo Moinmoin 1.9.8

6.1

CVSSv3

MoinMoin 1.9.8 allows remote malicious users to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.

Moinmo Moinmoin 1.9.8

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook