Vulnerabilities > Themefic > Tourfic > 2.10.0

DATE CVE VULNERABILITY TITLE RISK
2024-03-19 CVE-2024-29134 Unspecified vulnerability in Themefic Tourfic
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Tourfic allows Stored XSS.This issue affects Tourfic: from n/a through 2.11.8.
network
low complexity
themefic
5.4
5.4
2024-03-19 CVE-2024-29135 Unspecified vulnerability in Themefic Tourfic
Unrestricted Upload of File with Dangerous Type vulnerability in Tourfic.This issue affects Tourfic: from n/a through 2.11.15.
network
low complexity
themefic
8.8
8.8
2024-03-19 CVE-2024-29136 Unspecified vulnerability in Themefic Tourfic
Deserialization of Untrusted Data vulnerability in Themefic Tourfic.This issue affects Tourfic: from n/a through 2.11.17.
network
low complexity
themefic
8.8
8.8