Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ismail tasdelen vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-5505
Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring (in conjunction with "type":"application/x-php"} to the /api/files/ URI.
Vaaip Freelancy 1.0.0
5.4
CVSSv3
CVE-2018-18373
In the Schiocco "Support Board - Chat And Help Desk" plugin 1.2.3 for WordPress, a Stored XSS vulnerability has been discovered in file upload areas in the Chat and Help Desk sections via the msg parameter in a /wp-admin/admin-ajax.php sb_ajax_add_message action.
Schiocco Support Board - Chat And Help Desk 1.2.3
6.1
CVSSv3
CVE-2018-17589
AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Airties Air 5650 Firmware 1.0.0.18
6.1
CVSSv3
CVE-2018-17594
AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Airties Air 5443v2 Firmware 1.0.0.18
6.1
CVSSv3
CVE-2018-17595
In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.
Fork-cms Fork Cms 5.4.0
6.1
CVSSv3
CVE-2018-17311
On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Mp C6503 Firmware -
6.1
CVSSv3
CVE-2018-17312
On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Aficio Mp 301spf Firmware -
6.1
CVSSv3
CVE-2018-17314
On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Mp 305+ Firmware -
6.1
CVSSv3
CVE-2018-17315
On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Mp C2003sp Firmware -
6.1
CVSSv3
CVE-2018-16965
In Zoho ManageEngine SupportCenter Plus prior to 8.1 Build 8109, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter.
Zohocorp Manageengine Supportcenter Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »