Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flowpaper vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-40197
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Devaldi Ltd flowpaper plugin <= 1.9.9 versions.
Flowpaper Flowpaper
5.4
CVSSv3
CVE-2023-5200
The flowpaper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'flipbook' shortcode in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authentica...
Flowpaper Flowpaper
6.1
CVSSv3
CVE-2014-9677
Cross-site scripting (XSS) vulnerability in FlexPaperViewer.swf in Flexpaper prior to 2.3.1 allows remote malicious users to inject arbitrary web script or HTML via the Swfile parameter.
Flowpaper Flexpaper
6.1
CVSSv3
CVE-2014-9678
FlexPaperViewer.swf in Flexpaper prior to 2.3.1 allows remote malicious users to conduct content-spoofing attacks via the Swfile parameter.
Flowpaper Flexpaper
9.8
CVSSv3
CVE-2018-11686
The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.
Flowpaper Flexpaper
1 EDB exploit
1 Github repository
5.5
CVSSv3
CVE-2020-19464
An issue has been found in function XRef::fetch in PDF2JSON 0.70 that allows malicious users to cause a Denial of Service due to a stack overflow .
Flowpaper Pdf2json 0.70
5.5
CVSSv3
CVE-2020-19467
An issue has been found in function DCTStream::transformDataUnit in PDF2JSON 0.70 that allows malicious users to cause a Denial of Service due to an Illegal Use After Free .
Flowpaper Pdf2json 0.70
7.5
CVSSv3
CVE-2020-23879
pdf2json v0.71 exists to contain a NULL pointer dereference in the component ObjectStream::getObject.
Flowpaper Pdf2json 0.71
8.8
CVSSv3
CVE-2018-14947
An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlFonts.cc has Mismatched Memory Management Routines (operator new [] versus operator delete).
Flowpaper Pdf2json 0.69
5.5
CVSSv3
CVE-2020-19470
An issue has been found in function DCTStream::getChar in PDF2JSON 0.70 that allows malicious users to cause a Denial of Service due to a NULL pointer dereference (invalid read of size 1) .
Flowpaper Pdf2json 0.70
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »