Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thinksaas vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2018-15129
ThinkSAAS through 2018-07-25 has XSS via the index.php?app=article&ac=comment&ts=do content parameter.
Thinksaas Thinksaas
312
VMScore
CVE-2018-15130
ThinkSAAS through 2018-07-25 has XSS via the index.php?app=group&ac=create&ts=do groupdesc parameter.
Thinksaas Thinksaas
668
VMScore
CVE-2020-35337
ThinkSAAS prior to 3.38 contains a SQL injection vulnerability through app/topic/action/admin/topic.php via the title parameter, which allows remote malicious users to execute arbitrary SQL commands.
Thinksaas Thinksaas
312
VMScore
CVE-2019-16664
An issue exists in ThinkSAAS 2.91. There is XSS via the index.php?app=group&ac=create&ts=do groupname parameter.
Thinksaas Thinksaas 2.91
383
VMScore
CVE-2019-16665
An issue exists in ThinkSAAS 2.91. There is XSS via the content to the index.php?app=group&ac=comment&ts=do&js=1 URI, as demonstrated by a crafted SVG document in the SRC attribute of an EMBED element.
Thinksaas Thinksaas 2.91
445
VMScore
CVE-2020-18741
Improper Authorization in ThinkSAAS v2.7 allows remote malicious users to modify the description of any user's photo via the "photoid%5B%5D" and "photodesc%5B%5D" parameters in the component "index.php?app=photo."
Thinksaas Thinksaas 2.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started