Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tiny vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-25789
An issue exists in Tiny Tiny RSS (aka tt-rss) prior to 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document.
Tt-rss Tiny Tiny Rss
6.8
CVSSv2
CVE-2020-36438
An issue exists in the tiny_future crate prior to 0.4.0 for Rust. Future<T> does not have bounds on its Send and Sync traits.
Tiny Future Project Tiny Future
5
CVSSv2
CVE-2017-16097
tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Tiny-http Project Tiny-http
4.6
CVSSv2
CVE-2002-0349
Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.
Tiny Software Tiny Personal Firewall 2.0.15
7.5
CVSSv2
CVE-2017-16896
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.
Tt-rss Tiny Tiny Rss 17.4
7.8
CVSSv2
CVE-2012-1783
Tiny Server 1.1.9 and previous versions allows remote malicious users to cause a denial of service (crash) via a long string in a GET request without an HTTP version number.
Saurabh Gupta Tiny Server 1.0.5
Saurabh Gupta Tiny Server
Saurabh Gupta Tiny Server 1.1.5
1 EDB exploit
4.3
CVSSv2
CVE-2022-1846
The Tiny Contact Form WordPress plugin up to and including 0.7 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack
Tiny Contact Form Project Tiny Contact Form
6.5
CVSSv2
CVE-2019-16790
In Tiny File Manager prior to 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
Tiny File Manager Project Tiny File Manager
6.8
CVSSv2
CVE-2018-1000096
brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. that can result in Exposes the user to man-in-the-middl...
Tiny-json-http Project Tiny-json-http
6.5
CVSSv2
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
Tiny File Manager Project Tiny File Manager
6 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »