Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tiny vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-1000035
Tiny Tiny RSS prior to 829d478f is vulnerable to XSS window.opener attack
Tt-rss Tiny Tiny Rss -
9.8
CVSSv3
CVE-2020-7724
All versions of package tiny-conf are vulnerable to Prototype Pollution via the set function.
Tiny-conf Project Tiny-conf
6.5
CVSSv3
CVE-2022-39287
tiny-csrf is a Node.js cross site request forgery (CSRF) protection middleware. In versions before 1.1.0 cookies were not encrypted and thus CSRF tokens were transmitted in the clear. This issue has been addressed in commit `8eead6d` and the patch with be included in version 1.1....
Tiny-csrf Project Tiny-csrf
9.8
CVSSv3
CVE-2017-16896
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.
Tt-rss Tiny Tiny Rss 17.4
NA
CVE-2002-0349
Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.
Tiny Software Tiny Personal Firewall 2.0.15
NA
CVE-2012-1783
Tiny Server 1.1.9 and previous versions allows remote malicious users to cause a denial of service (crash) via a long string in a GET request without an HTTP version number.
Saurabh Gupta Tiny Server 1.0.5
Saurabh Gupta Tiny Server
Saurabh Gupta Tiny Server 1.1.5
1 EDB exploit
8.8
CVSSv3
CVE-2019-16790
In Tiny File Manager prior to 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
Tiny File Manager Project Tiny File Manager
8.8
CVSSv3
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
Tiny File Manager Project Tiny File Manager
6 Github repositories
4.3
CVSSv3
CVE-2022-1846
The Tiny Contact Form WordPress plugin up to and including 0.7 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack
Tiny Contact Form Project Tiny Contact Form
8.1
CVSSv3
CVE-2018-1000096
brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. that can result in Exposes the user to man-in-the-middl...
Tiny-json-http Project Tiny-json-http
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »