Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tine vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41364
In tine up to and including 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection.
Metaways Tine
3.5
CVSSv2
CVE-2017-14921
Stored XSS vulnerability via IMG element at "Filename" of Filemanager in Tine 2.0 Community Edition prior to 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.
Tine20 Tine 2.0
3.5
CVSSv2
CVE-2017-14923
Stored XSS vulnerability via IMG element at "Leadname" of CRM in Tine 2.0 Community Edition prior to 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.
Tine20 Tine 2.0
3.5
CVSSv2
CVE-2017-14922
Stored XSS vulnerability via IMG element at "History" of Profile, Calendar, Tasks, and CRM in Tine 2.0 Community Edition prior to 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other...
Tine20 Tine 2.0
5
CVSSv2
CVE-2011-1666
Metaways Tine 2.0 allows remote malicious users to obtain sensitive information via unknown vectors in (1) Crm/Controller.php, (2) Crm/Export/Csv.php, or (3) Calendar/Model/Attender.php, which reveal the full installation path.
Metaways Tine 2.0
3.5
CVSSv2
CVE-2017-1000164
Tine 2.0 version 2017.02.4 is vulnerable to XSS in the Addressbook resulting code execution and privilege escalation
Tine20 Tine 2.0 2017.02.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started