Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tine vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41364
In tine up to and including 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection.
Metaways Tine
312
VMScore
CVE-2017-14921
Stored XSS vulnerability via IMG element at "Filename" of Filemanager in Tine 2.0 Community Edition prior to 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.
Tine20 Tine 2.0
312
VMScore
CVE-2017-14922
Stored XSS vulnerability via IMG element at "History" of Profile, Calendar, Tasks, and CRM in Tine 2.0 Community Edition prior to 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other...
Tine20 Tine 2.0
312
VMScore
CVE-2017-14923
Stored XSS vulnerability via IMG element at "Leadname" of CRM in Tine 2.0 Community Edition prior to 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.
Tine20 Tine 2.0
445
VMScore
CVE-2011-1666
Metaways Tine 2.0 allows remote malicious users to obtain sensitive information via unknown vectors in (1) Crm/Controller.php, (2) Crm/Export/Csv.php, or (3) Calendar/Model/Attender.php, which reveal the full installation path.
Metaways Tine 2.0
312
VMScore
CVE-2017-1000164
Tine 2.0 version 2017.02.4 is vulnerable to XSS in the Addressbook resulting code execution and privilege escalation
Tine20 Tine 2.0 2017.02.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started