tim coen vulnerabilities and exploits
VMScore: 435
CVE-2015-5594
The sanitize_string function in ZenPhoto prior to 1.4.9 utilized the html_entity_decode function after input sanitization, which might allow remote malicious users to perform a cross-site scripting (XSS) attack via a crafted string.
Zenphoto Zenphoto
1 EDB exploit
VMScore: 655
CVE-2015-5591
SQL injection vulnerability in Zenphoto prior to 1.4.9 allows remote administrators to execute arbitrary SQL commands.
Zenphoto Zenphoto
1 EDB exploit
VMScore: 435
CVE-2015-5595
Cross-site request forgery (CSRF) vulnerability in admin.php in Zenphoto prior to 1.4.9 allows remote malicious users to hijack the authentication of admin users for requests that may cause a denial of service (resource consumption).
Zenphoto Zenphoto
1 EDB exploit
VMScore: 383
CVE-2016-7148
MoinMoin 1.9.8 allows remote malicious users to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.
Moinmo Moinmoin 1.9.8
VMScore: 383
CVE-2016-7146
MoinMoin 1.9.8 allows remote malicious users to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=fckdialog&dialog=attachment (via pag...
Moinmo Moinmoin 1.9.8
VMScore: 383
CVE-2016-7147
Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone prior to 4.3.12 and 5.x prior to 5.0.7 allows remote malicious users to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated ...
Plone Plone 5.1
Plone Plone 5.0.6
Plone Plone 5.0
Plone Plone 4.3.9
Plone Plone 4.3.10
Plone Plone 3.3.6
Plone Plone 4.0.5
Plone Plone 4.1.5
Plone Plone 4.1.6
Plone Plone 4.2.7
Plone Plone 4.0.3
Plone Plone 3.3.2
Plone Plone 3.3.3
Plone Plone 5.0.5
Plone Plone 5.0.4
Plone Plone 4.3.3
Plone Plone 4.3.11
Plone Plone 4.3
Plone Plone 4.0.4
Plone Plone 4.1
Plone Plone 4.2
Plone Plone 4.2.1