Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tiny vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2023-44229
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny Carousel Horizontal Slider plugin <= 8.1 versions.
Gopiplus Tiny Carosel Horizontal Slider
NA
CVE-2012-5335
Directory traversal vulnerability in Tiny Server 1.1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the URI of an HTTP request.
Saurabh Gupta Tiny Server 1.1.5
1 EDB exploit
NA
CVE-2009-1453
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third p...
Anoochit Chalothorn Tiny Blogr 1.0.0
1 EDB exploit
4.8
CVSSv3
CVE-2023-24418
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin <= 3.2 versions.
Gopiplus Tiny Carousel Horizontal Slider Plus
NA
CVE-2006-0635
Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.
Fabrice Bellard Tiny C Compiler 0.9.23
7.5
CVSSv3
CVE-2019-10012
Jenzabar JICS (aka Internet Campus Solution) prior to 9 allows remote malicious users to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin prior to 2.1.4 in the moxiemanager directory within the installation folder...
Jenzabar Internet Campus Solution 9
Tiny Moxiemanager
NA
CVE-2008-0937
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
Tinyevent Tinyevent 1.01
Xoops Tiny Event Module 1.01
1 EDB exploit
6.5
CVSSv3
CVE-2021-40964
A Path Traversal vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows malicious users to upload a file (with Admin credentials or with the CSRF vulnerability) with the "fullpath" parameter containing path traversal strings (../ and ....
Tinyfilemanager Project Tinyfilemanager
1 Github repository
NA
CVE-2006-1802
Cross-site scripting (XSS) vulnerability in index.php in TinyWebGallery 1.3 and 1.4 allows remote malicious users to inject arbitrary web script or HTML via the twg_album parameter.
Tinywebgallery Tinywebgallery 1.3
Tinywebgallery Tinywebgallery 1.4
1 EDB exploit
NA
CVE-2012-5344
Directory traversal vulnerability in the WebServer (Thttpd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in a HTTP request.
Kepler Lam Iptools 0.1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »