52 matches found
WP AutoSuggest 0.24 - Unauthenticated SQL Injection
The wp-autosuggest WordPress plugin was affected by an Unauthenticated SQL Injection security vulnerability. sqlmap -u "http://URL/wp-content/plugins/wp-autosuggest/autosuggest.php?wpasaction=query&wpaskeys=1" --technique BT --dbms MYSQL --risk 3 --level 5 -p wpaskeys --tamper space2comment...
WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection
Exploit Title: WP AutoSuggest 0.24 - SQL Injection Date: 01-12-2018 Software Link: https://wordpress.org/plugins/wp-autosuggest/ Exploit Author: Kaimi Website: https://kaimi.io Version: 0.24 Category: webapps SQL Injection File: autosuggest.php Vulnerable code: if isset$GET'wpaskeys' $wpaskeys =...
Bing Autosuggest API - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-058
This module enables you to use the Bing Autosuggest API. The module doesn't sufficiently sanitize a value used to populate an API request...
User Friendly Interactive Shell: Fish
Fish is a smart and user-friendly command line shell for OS X, Linux, and the rest of the family. fish includes features like syntax highlighting, autosuggest-as-you-type, and fancy tab completions that just work, with no configuration required. FISH is designed to work with any other shell like...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to 1 autocomplete.php, 2 search/ajax/autosuggest.php, 3 livesuggest.php, or 4 save.php in frontend/modules/search/ajax...
CVE-2010-3118
The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature...
CVE-2010-3118
The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature...
CVE-2010-3118
The CVE-2010-3118 affects Google Chrome’s Omnibox autosuggest feature (Chrome before 5.0.375.127). The vulnerability could allow remote attackers to obtain sensitive information by reading the network traffic generated by the autosuggest process. Exploitation details, affected versions beyond the...
CVE-2010-3118
Removed by vendor...
Google Chrome < 5.0.375.127 Multiple Vulnerabilities
Binary data 800956.prm...
Google Chrome < 5.0.375.127 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 5.0.375.127. Such versions are reportedly affected by multiple vulnerabilities : - A memory corruption vulnerability exists with the file dialog. Issue 45400 - A memory corruption vulnerability exists when processing SVG...
Google Chrome < 5.0.375.127 Multiple Vulnerabilities
Binary data 5644.pasl...