Vulnerabilities > Tiny

DATE CVE VULNERABILITY TITLE RISK
2020-02-12 CVE-2011-4908 Unrestricted Upload of File with Dangerous Type vulnerability in Tiny Tinybrowser
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.
network
low complexity
tiny CWE-434
critical
9.8
2020-02-12 CVE-2011-4906 Unrestricted Upload of File with Dangerous Type vulnerability in Tiny Tinybrowser
Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution.
network
low complexity
tiny CWE-434
critical
9.8
2019-07-17 CVE-2019-1010091 Cross-site Scripting vulnerability in Tiny Tinymce
tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation.
network
low complexity
tiny CWE-79
6.1
2019-03-25 CVE-2019-10012 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin before 2.1.4 in the moxiemanager directory within the installation folder ICS\ICS.NET\ICSFileServer.
network
high complexity
jenzabar tiny CWE-434
7.5