Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ismail tasdelen vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-35437
Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.
Intelliants Subrion Cms 4.2.1
355
VMScore
CVE-2018-18416
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the site_name parameter to the admin/settings/update URI.
Pokkho Lango 1.0
1 EDB exploit
435
VMScore
CVE-2018-18308
In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ (aka the image upload area).
Bigtreecms Bigtree Cms 4.2.23
1 EDB exploit
435
VMScore
CVE-2019-10226
HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is a ...
Fatfreecrm Fat Free Crm 0.19.0
1 EDB exploit
435
VMScore
CVE-2018-17591
AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Airties Air 5343v2 Firmware 1.0.0.18
1 EDB exploit
435
VMScore
CVE-2018-17593
AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Airties Air 5453 Firmware 1.0.0.18
1 EDB exploit
355
VMScore
CVE-2018-18419
Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1, as demonstrated by a .jpg filename to the /account URI.
Ardawan User Management 1.1
1 EDB exploit
435
VMScore
CVE-2019-9553
Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933.
Boltcms Bolt 3.6.4
1 EDB exploit
435
VMScore
CVE-2019-9554
In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI.
Craftcms Craft Cms 3.1.12
1 EDB exploit
435
VMScore
CVE-2018-17588
AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Airties Air 5021 Firmware 1.0.0.18
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »