Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ismail tasdelen vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-11844
An HTML Injection vulnerability has been discovered on the RICOH SP 4520DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn or entryDisplayNameIn parameter.
Ricoh Sp 4520dn Firmware -
6.1
CVSSv3
CVE-2018-17596
In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability exists in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.
Zohocorp Manageengine Assetexplorer 6.2.0
6.1
CVSSv3
CVE-2018-18259
Stored XSS has been discovered in version 1.0.12 of the LUYA CMS software via /admin/api-cms-nav/create-page.
Luya Luya Cms 1.0.12
6.1
CVSSv3
CVE-2018-18307
A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field. NOTE: the vendor's position is that this is not a valid report: "The researcher used an authorized cookie to perform the request to a password-protected ro...
Alchemy-cms Alchemy Cms 4.1.0
6.1
CVSSv3
CVE-2018-17312
On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Aficio Mp 301spf Firmware -
6.1
CVSSv3
CVE-2018-17316
On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Ricoh Mp C6003 Firmware -
8.8
CVSSv3
CVE-2019-19832
Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a unique name.)
Xerox Altalink C8035 Firmware -
6.5
CVSSv3
CVE-2019-19833
In Tautulli 2.1.9, CSRF in the /shutdown URI allows an malicious user to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area).
Tautulli Tautulli 2.1.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5