Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tiny vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-25789
An issue exists in Tiny Tiny RSS (aka tt-rss) prior to 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document.
Tt-rss Tiny Tiny Rss
668
VMScore
CVE-2020-7724
All versions of package tiny-conf are vulnerable to Prototype Pollution via the set function.
Tiny-conf Project Tiny-conf
445
VMScore
CVE-2021-28373
The auth_internal plugin in Tiny Tiny RSS (aka tt-rss) prior to 2021-03-12 allows an malicious user to log in via the OTP code without a valid password. NOTE: this issue only affected the git master branch for a short time. However, all end users are explicitly directed to use th...
Tt-rss Tiny Tiny Rss
409
VMScore
CVE-2002-0349
Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.
Tiny Software Tiny Personal Firewall 2.0.15
668
VMScore
CVE-2017-16896
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.
Tt-rss Tiny Tiny Rss 17.4
785
VMScore
CVE-2012-1783
Tiny Server 1.1.9 and previous versions allows remote malicious users to cause a denial of service (crash) via a long string in a GET request without an HTTP version number.
Saurabh Gupta Tiny Server 1.0.5
Saurabh Gupta Tiny Server
Saurabh Gupta Tiny Server 1.1.5
1 EDB exploit
605
VMScore
CVE-2018-1000096
brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. that can result in Exposes the user to man-in-the-middl...
Tiny-json-http Project Tiny-json-http
580
VMScore
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
Tiny File Manager Project Tiny File Manager
6 Github repositories
668
VMScore
CVE-2022-1000
Path Traversal in GitHub repository prasathmani/tinyfilemanager before 2.4.7.
Tiny File Manager Project Tiny File Manager
383
VMScore
CVE-2022-1846
The Tiny Contact Form WordPress plugin up to and including 0.7 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack
Tiny Contact Form Project Tiny Contact Form
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »