Lucene search
K

76 matches found

CVE
CVE
added 2017/11/20 4:0 p.m.51 views

CVE-2017-16896

CVE-2017-16896 affects Tiny Tiny RSS 17.4, specifically the forgotpass component’s login parameter. Multiple connected entries confirm a SQL injection in classes/handler/public.php, producing high/severe impact (NVD metrics: CVSSv2 7.5 MED/ HIGH; CVSSv3 9.8 CRITICAL) with network reach and no aut...

9.8CVSS9.8AI score0.01478EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/11/20 4:0 p.m.19 views

CVE-2017-16896

A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter...

9.9AI score0.01478EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2017/11/20 4:0 p.m.23 views

CVE-2017-16896

A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter...

9.8CVSS9.9AI score0.01478EPSS
Exploits0
CNVD
CNVD
added 2017/08/01 12:0 a.m.3 views

Tiny Tiny RSS Cross-Site Scripting Vulnerability

Tiny Tiny RSS is an open source use of PHP language written RSS RSS Simple Syndication reader . A cross-site scripting vulnerability exists in previous versions of Tiny Tiny RSS 829d478f. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6AI score0.00888EPSS
Exploits0References1
NVD
NVD
added 2017/07/17 1:18 p.m.16 views

CVE-2017-1000035

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack...

6.1CVSS6AI score0.00888EPSS
Exploits0References1
OSV
OSV
added 2017/07/17 1:18 p.m.2 views

DEBIAN-CVE-2017-1000035

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack...

6.1CVSS6.4AI score0.00888EPSS
Exploits0References1
OSV
OSV
added 2017/07/17 1:18 p.m.5 views

CVE-2017-1000035

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack...

6.1CVSS5.9AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/07/17 1:18 p.m.41 views

CVE-2017-1000035

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack...

6.1CVSS6.3AI score0.00888EPSS
Exploits0References3
Prion
Prion
added 2017/07/17 1:18 p.m.19 views

Design/Logic Flaw

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack...

4.3CVSS5.9AI score0.00888EPSS
Exploits0References1
OSV
OSV
added 2017/07/17 1:18 p.m.3 views

UBUNTU-CVE-2017-1000035

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack...

6.1CVSS6.4AI score0.00888EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2017/07/13 8:0 p.m.17 views

CVE-2017-1000035

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack...

6.1CVSS6AI score0.00888EPSS
Exploits0
Cvelist
Cvelist
added 2017/07/13 8:0 p.m.21 views

CVE-2017-1000035

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack...

6AI score0.00888EPSS
Exploits0References1
CVE
CVE
added 2017/07/13 8:0 p.m.47 views

CVE-2017-1000035

CVE-2017-1000035 affects Tiny Tiny RSS prior to 829d478f, where an XSS window.opener vulnerability exists. The root cause is a cross-site scripting flaw in the application’s handling of window.opener context, potentially allowing script injection in affected sessions. Referenced patch/commit 829d...

6.1CVSS5.9AI score0.00888EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2016/05/14 12:0 a.m.2 views

Tiny Tiny RSS SQL Injection Vulnerability

A blind injection vulnerability exists in $itemid in Tiny Tiny RSS processcategoryorder. An attacker is able to connect to the library database and execute database statements...

7.6AI score
Exploits0References1
Packet Storm
Packet Storm
added 2016/02/15 12:0 a.m.27 views

Tiny Tiny RSS Blind SQL Injection

Exploit Title: Tiny Tiny RSS Blind SQL Injection Date: 15-02-2016 Software Link: http://tt-rss.org/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description $itemid inside processcategoryorder is not properly...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/02/15 12:0 a.m.25 views

Tiny Tiny RSS - Blind SQL Injection

Exploit for php platform in category web applications Exploit Title: Tiny Tiny RSS Blind SQL Injection Date: 15-02-2016 Software Link: http://tt-rss.org/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description...

7.1AI score
Exploits0
Rows per page
Query Builder