Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
text vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-3387
The Lana Text to Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lana_text_to_image' and 'lana_text_to_img' shortcode in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user su...
Lanacodes Lana Text To Image
5.4
CVSSv3
CVE-2023-0070
The ResponsiveVoice Text To Speech WordPress plugin prior to 1.7.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored ...
Responsivevoice Responsivevoice Text To Speech
NA
CVE-2007-4433
Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edition allows remote malicious users to inject arbitrary web script or HTML via the search field.
Aspindir Text File Search 0
NA
CVE-2014-5275
Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or (3) id parameter.
Prochatrooms Text Chat Rooms 8.2.0
1 EDB exploit
9.8
CVSSv3
CVE-2022-4099
The Joy Of Text Lite WordPress plugin prior to 2.3.1 does not properly sanitise and escape some parameters before using them in SQL statements accessible to unauthenticated users, leading to unauthenticated SQL injection
Getcloudsms Joy Of Text Lite
NA
CVE-2008-3754
SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Yourfreeworld Stylish Text Ads Script
1 EDB exploit
NA
CVE-2008-4885
SQL injection vulnerability in tr1.php in YourFreeWorld Scrolling Text Ads Script allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Yourfreeworld Scrolling Text Ads Script
2 EDB exploits
NA
CVE-2008-6155
SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote malicious users to execute arbitrary SQL commands via the idtl parameter in a buy action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party info...
Hispah Text Links Ads 1.1
1 EDB exploit
NA
CVE-2006-2508
SQL injection vulnerability in tr1.php in YourFreeWorld.com Stylish Text Ads Script allows remote malicious users to execute arbitrary SQL commands via the id parameter, possibly involving an attack vector using advertise.php.
Yourfreeworld Stylish Text Ads Script
NA
CVE-2009-4206
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cmsnx Million Dollar Text Links
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »