Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lite vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-24701
The Quiz Tool Lite WordPress plugin up to and including 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capabili...
Quiz Tool Lite Project Quiz Tool Lite
578
VMScore
CVE-2021-24769
The Permalink Manager Lite WordPress plugin prior to 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection
Permalink Manager Lite Project Permalink Manager Lite
NA
CVE-2022-2540
The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. This is due to missing nonce validation on the admin_page function found in the ~/admin.php file. This makes it possible for un...
Link Optimizer Lite Project Link Optimizer Lite
383
VMScore
CVE-2015-5064
Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote malicious users to inject arbitrary web script or HTML via the table_name parameter to (1) tabella.php, (2) coloni.php, or (3) insert.php or (4) num_row ...
Mysql-lite-administrator Project Mysql-lite-administrator -
605
VMScore
CVE-2016-10568
geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country prior to 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.
Geoip-lite-country Project Geoip-lite-country
NA
CVE-2022-4021
The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extra_actions function. This makes it possible for unauthenticated malicious users t...
Permalink Manager Lite Project Permalink Manager Lite
NA
CVE-2022-41781
Broken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress.
Permalink Manager Lite Project Permalink Manager Lite
NA
CVE-2022-25895
All versions of package lite-dev-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.
Lite-dev-server Project Lite-dev-server -
NA
CVE-2023-26104
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
Lite-web-server Project Lite-web-server -
828
VMScore
CVE-2016-10625
headless-browser-lite is a minimal npm installer for phantomjs and slimerjs with no external dependencies. headless-browser-lite downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping o...
Headless-browser-lite Project Headless-browser-lite
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »