Lucene search
+L

186 matches found

wpexploit
wpexploit
added 2021/09/28 12:0 a.m.555 views

Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting

The plugin does not escape some of its settings when outputting them in attribute in the frontend, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed Put the following payload in the "Alt text" setting of the plugin, then view...

4.8CVSS0.6AI score0.00622EPSS
Exploits2
jakearchibald
jakearchibald
added 2021/08/04 1:0 a.m.45 views

Writing great alt text: Emotion matters

If you prefer videos to articles, there's an episode of HTTP 203 on this topic. Ok, on with the article… Good alt text means that screen reader users get the same 'meaning' from the page as a fully sighted user. But sometimes that's easier said than done. I recently got stuck trying to figure out...

6.6AI score
Exploits0
mskb
mskb
added 2020/04/16 8:19 a.m.27 views

Description of the Microsoft Office for Mac 2011 14.1 Update

This article describes the Service Pack 1 14.1 updates for Office for Mac 2011.IntroductionMicrosoft has released security bulletins MS11-021 and MS11-022. These security bulletins contain all the relevant information about the security updates for Microsoft Office for Mac 2011 for Mac. To view t...

6.6AI score
Exploits0
cnvd
cnvd
added 2018/05/17 12:0 a.m.6 views

WordPress Imagely NextGEN Gallery Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Imagely NextGen Gallery is one of the gallery management systems. A cross-site scripting vulnerability exists in Image Alt &...

4.8CVSS6.3AI score0.00584EPSS
Exploits0References1
osv
osv
added 2018/04/30 10:29 p.m.4 views

CVE-2018-1000172

Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting XSS vulnerability in Image Alt & Title Text. This attack appears to be exploitable via a victim viewing the image in the administrator page. This vulnerability appears to have been fixed in 2.2.45...

4.8CVSS5.8AI score0.00584EPSS
Exploits0References2
hackerone
hackerone
added 2015/03/10 9:51 a.m.90 views

Concrete CMS: Stored XSS in Image Alt. Text

XSS payload can be executed and saved permanently in Image Alt. Text. Poc Code: "click me!"...

6.3AI score
Exploits0
Rows per page
Query Builder