Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ismail tasdelen vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-17003
In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been discovered in the appendix via the surveyls_title parameter to /index.php?r=admin/survey/sa/insert.
Limesurvey Limesurvey 3.14.7
6.1
CVSSv3
CVE-2018-17309
On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Mp C406zspf Firmware -
6.1
CVSSv3
CVE-2018-17312
On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Aficio Mp 301spf Firmware -
6.1
CVSSv3
CVE-2018-17314
On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Mp 305\\+ Firmware -
6.1
CVSSv3
CVE-2018-17316
On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Mp C6003 Firmware -
8.8
CVSSv3
CVE-2019-19832
Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a unique name.)
Xerox Altalink C8035 Firmware -
6.5
CVSSv3
CVE-2019-19833
In Tautulli 2.1.9, CSRF in the /shutdown URI allows an malicious user to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area).
Tautulli Tautulli 2.1.9
6.1
CVSSv3
CVE-2018-18307
A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field. NOTE: the vendor's position is that this is not a valid report: "The researcher used an authorized cookie to perform the request to a password-protected ro...
Alchemy-cms Alchemy Cms 4.1.0
5.4
CVSSv3
CVE-2018-18373
In the Schiocco "Support Board - Chat And Help Desk" plugin 1.2.3 for WordPress, a Stored XSS vulnerability has been discovered in file upload areas in the Chat and Help Desk sections via the msg parameter in a /wp-admin/admin-ajax.php sb_ajax_add_message action.
Schiocco Support Board - Chat And Help Desk 1.2.3
8.8
CVSSv3
CVE-2018-18420
Cross-Site Request Forgery (CSRF) vulnerability exists in the 8.3 version of Zenario Content Management System via the admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent URI.
Tribalsystems Zenario 8.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »