Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tiny vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-25787
An issue exists in Tiny Tiny RSS (aka tt-rss) prior to 2020-09-16. It does not validate all URLs before requesting them.
Tt-rss Tiny Tiny Rss
6.8
CVSSv2
CVE-2020-25788
An issue exists in Tiny Tiny RSS (aka tt-rss) prior to 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message.
Tt-rss Tiny Tiny Rss
7.5
CVSSv2
CVE-2020-7724
All versions of package tiny-conf are vulnerable to Prototype Pollution via the set function.
Tiny-conf Project Tiny-conf
7.8
CVSSv2
CVE-2012-1783
Tiny Server 1.1.9 and previous versions allows remote malicious users to cause a denial of service (crash) via a long string in a GET request without an HTTP version number.
Saurabh Gupta Tiny Server 1.0.5
Saurabh Gupta Tiny Server
Saurabh Gupta Tiny Server 1.1.5
1 EDB exploit
7.5
CVSSv2
CVE-2017-16896
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.
Tt-rss Tiny Tiny Rss 17.4
4.6
CVSSv2
CVE-2002-0349
Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.
Tiny Software Tiny Personal Firewall 2.0.15
6.5
CVSSv2
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
Tiny File Manager Project Tiny File Manager
6 Github repositories
7.5
CVSSv2
CVE-2022-1000
Path Traversal in GitHub repository prasathmani/tinyfilemanager before 2.4.7.
Tiny File Manager Project Tiny File Manager
4.3
CVSSv2
CVE-2022-1846
The Tiny Contact Form WordPress plugin up to and including 0.7 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack
Tiny Contact Form Project Tiny Contact Form
6.5
CVSSv2
CVE-2019-16790
In Tiny File Manager prior to 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
Tiny File Manager Project Tiny File Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »