Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ismail tasdelen vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-35437
Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.
Intelliants Subrion Cms 4.2.1
355
VMScore
CVE-2018-18416
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the site_name parameter to the admin/settings/update URI.
Pokkho Lango 1.0
1 EDB exploit
383
VMScore
CVE-2018-16833
Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & Articles" search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI.
Zohocorp Manageengine Desktop Central 10.0.271
435
VMScore
CVE-2019-10226
HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is a ...
Fatfreecrm Fat Free Crm 0.19.0
1 EDB exploit
435
VMScore
CVE-2018-17587
AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Airties Air 5750 Firmware 1.0.0.18
1 EDB exploit
435
VMScore
CVE-2018-17588
AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Airties Air 5021 Firmware 1.0.0.18
1 EDB exploit
435
VMScore
CVE-2018-17590
AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Airties Air 5442 Firmware 1.0.0.18
1 EDB exploit
435
VMScore
CVE-2018-17593
AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Airties Air 5453 Firmware 1.0.0.18
1 EDB exploit
435
VMScore
CVE-2018-18308
In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ (aka the image upload area).
Bigtreecms Bigtree Cms 4.2.23
1 EDB exploit
355
VMScore
CVE-2018-18417
In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been discovered in the input and upload sections, as demonstrated by the name parameter to the index.php/admin/client/create URI.
Creativeitem Ekushey Project Manager 3.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »