Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tim coen vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-5595
Cross-site request forgery (CSRF) vulnerability in admin.php in Zenphoto prior to 1.4.9 allows remote malicious users to hijack the authentication of admin users for requests that may cause a denial of service (resource consumption).
Zenphoto Zenphoto
1 EDB exploit
4.3
CVSSv2
CVE-2015-5594
The sanitize_string function in ZenPhoto prior to 1.4.9 utilized the html_entity_decode function after input sanitation, which might allow remote malicious users to perform a cross-site scripting (XSS) via a crafted string.
Zenphoto Zenphoto
1 EDB exploit
6.5
CVSSv2
CVE-2015-5591
SQL injection vulnerability in Zenphoto prior to 1.4.9 allow remote administrators to execute arbitrary SQL commands.
Zenphoto Zenphoto
1 EDB exploit
4.3
CVSSv2
CVE-2016-7146
MoinMoin 1.9.8 allows remote malicious users to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=fckdialog&dialog=attachment (via pag...
Moinmo Moinmoin 1.9.8
4.3
CVSSv2
CVE-2016-7147
Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone prior to 4.3.12 and 5.x prior to 5.0.7 allows remote malicious users to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated ...
Plone Plone 5.1
Plone Plone 5.0.6
Plone Plone 5.0
Plone Plone 4.3.9
Plone Plone 4.3.10
Plone Plone 3.3.6
Plone Plone 4.0.5
Plone Plone 4.1.5
Plone Plone 4.1.6
Plone Plone 4.2.7
Plone Plone 4.0.3
Plone Plone 3.3.2
Plone Plone 3.3.3
Plone Plone 5.0.5
Plone Plone 5.0.4
Plone Plone 4.3.3
Plone Plone 4.3.11
Plone Plone 4.3
Plone Plone 4.0.4
Plone Plone 4.1
Plone Plone 4.2
Plone Plone 4.2.1
4.3
CVSSv2
CVE-2016-7148
MoinMoin 1.9.8 allows remote malicious users to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.
Moinmo Moinmoin 1.9.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started