Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
text vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-3356
The Subscribers Text Counter WordPress plugin prior to 1.7.1 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of ...
Kreci Subscribers Text Counter
NA
CVE-2008-5486
SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Turnkeyforms Text Link Sales
1 EDB exploit
NA
CVE-2008-5487
Cross-site scripting (XSS) vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Turnkeyforms Text Link Sales
1 EDB exploit
5.4
CVSSv3
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote malicious user to execute arbitrary code via a crafted script to the insert link function in the editor component.
Summernote Rich Text Editor
5.4
CVSSv3
CVE-2023-0070
The ResponsiveVoice Text To Speech WordPress plugin prior to 1.7.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored ...
Responsivevoice Responsivevoice Text To Speech
7.5
CVSSv3
CVE-2020-14040
The x/text package prior to 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM...
Golang Text
Fedoraproject Fedora 32
3 Github repositories
NA
CVE-2014-5275
Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or (3) id parameter.
Prochatrooms Text Chat Rooms 8.2.0
1 EDB exploit
9.8
CVSSv3
CVE-2022-4099
The Joy Of Text Lite WordPress plugin prior to 2.3.1 does not properly sanitise and escape some parameters before using them in SQL statements accessible to unauthenticated users, leading to unauthenticated SQL injection
Getcloudsms Joy Of Text Lite
NA
CVE-2009-4206
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cmsnx Million Dollar Text Links
1 EDB exploit
NA
CVE-2008-6154
SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote malicious users to execute arbitrary SQL commands via the idcat parameter.
Hispah Text Links Ads 1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »