Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
text vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5762
Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing the password via a direct request for slog_users.txt.
Mariovaldez Simple Text-file Login Script 1.0.6
1 EDB exploit
NA
CVE-2008-5763
PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simple Text-File Login Script (SiTeFiLo) 1.0.6 allows remote malicious users to execute arbitrary PHP code via a URL in the slogin_path parameter.
Mariovaldez Simple Text-file Login Script 1.0.6
1 EDB exploit
NA
CVE-2014-5276
Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to inject arbitrary web script or HTML via (1) an uploaded profile picture or (2) the edit parameter to profiles/index.php.
Pro Chat Rooms Text Chat Rooms 8.2.0
1 EDB exploit
NA
CVE-2007-3202
Cross-site scripting (XSS) vulnerability in the rich text editor in Webwiz allows remote malicious users to inject arbitrary web script or HTML via URL-encoded HTML composed of a frameset in which a frame has a SRC attribute pointing to a JavaScript document.
Bruce Corkhill Web Wiz Rich Text Editor 3.1
NA
CVE-2003-0648
Multiple buffer overflows in vfte, based on FTE, prior to 0.50, allow local users to execute arbitrary code.
Fte Fte Text Editor
Debian Debian Linux 3.0
9.8
CVSSv3
CVE-2022-42889
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringL...
Apache Commons Text
Netapp Bluexp -
Juniper Security Threat Response Manager
Juniper Security Threat Response Manager 7.5.0
64 Github repositories
8.8
CVSSv3
CVE-2023-49153
Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam Add to Cart Text Changer and Customize Button, Add Custom Icon.This issue affects Add to Cart Text Changer and Customize Button, Add Custom Icon: from n/a up to and including 2.0.
Codeastrology Add To Cart Text Changer And Customize Button\\, Add Custom Icon
6.5
CVSSv3
CVE-2022-4548
The Optimize images ALT Text & names for SEO using AI WordPress plugin prior to 2.0.8 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged-in admin change them via a CSRF attack.
Imageseo Optimize Images Alt Text \\(alt Tag\\) \\& Names For Seo Using Ai
8.8
CVSSv3
CVE-2022-1415
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated malicious user to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server.
Redhat Decision Manager 7.0
Redhat Process Automation 7.0
Redhat Jboss Middleware Text-only Advisories -
Redhat Drools 7.69.0
1 Github repository
NA
CVE-2008-0466
Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor 4.0, Web Wiz Forums 9.07, and Web Wiz Newspad 1.02, does not require authentication, which allows remote malicious users to list directories and read files. NOTE: this can be leveraged for listings outside the c...
Webwiz Web Wiz Forums 9.07
Webwiz Web Wiz Newspad 1.02
Webwiz Web Wiz Rich Text Editor 4.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »