Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lite vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-26104
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
Lite-web-server Project Lite-web-server -
8.1
CVSSv3
CVE-2016-10568
geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country prior to 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.
Geoip-lite-country Project Geoip-lite-country
8.1
CVSSv3
CVE-2016-10680
adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the deci...
Adamvr-geoip-lite Project Adamvr-geoip-lite
8.1
CVSSv3
CVE-2016-10625
headless-browser-lite is a minimal npm installer for phantomjs and slimerjs with no external dependencies. headless-browser-lite downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping o...
Headless-browser-lite Project Headless-browser-lite
8.8
CVSSv3
CVE-2022-2540
The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. This is due to missing nonce validation on the admin_page function found in the ~/admin.php file. This makes it possible for un...
Link Optimizer Lite Project Link Optimizer Lite
9.8
CVSSv3
CVE-2022-41781
Broken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress.
Permalink Manager Lite Project Permalink Manager Lite
NA
CVE-2015-5064
Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote malicious users to inject arbitrary web script or HTML via the table_name parameter to (1) tabella.php, (2) coloni.php, or (3) insert.php or (4) num_row ...
Mysql-lite-administrator Project Mysql-lite-administrator -
7.2
CVSSv3
CVE-2021-24769
The Permalink Manager Lite WordPress plugin prior to 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection
Permalink Manager Lite Project Permalink Manager Lite
4.8
CVSSv3
CVE-2021-24701
The Quiz Tool Lite WordPress plugin up to and including 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capabili...
Quiz Tool Lite Project Quiz Tool Lite
NA
CVE-2013-0361
Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability...
Oracle Database Mobile\\/lite Server 11.1.0.0
Oracle Database Lite 10.3.0.3
Oracle Database Mobile\\/lite Server 10.3.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »