Skip to main content

Tianti

5 CVEs product

Monthly

CVE-2018-19110 MEDIUM POC This Month

The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java Authentication Bypass Tianti
NVD GitHub
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-19109 HIGH POC This Week

tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Tianti
NVD GitHub
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-19091 MEDIUM POC This Month

tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tianti
NVD GitHub
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-19090 MEDIUM POC This Month

tianti 2.3 has stored XSS in the article management module via an article title. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tianti
NVD GitHub
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-19089 MEDIUM POC This Month

tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/save_role name parameter, which is mishandled in. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tianti
NVD GitHub
CVSS 3.0
5.4
EPSS
0.7%
EPSS 1% CVSS 6.5
MEDIUM POC This Month

The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java Authentication Bypass Tianti
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Tianti
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tianti
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

tianti 2.3 has stored XSS in the article management module via an article title. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tianti
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/save_role name parameter, which is mishandled in. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tianti
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy