Lucene search
K

31 matches found

Patchstack
Patchstack
added 2024/05/15 12:0 a.m.12 views

WordPress Base64 Encoder/Decoder Plugin <= 0.9.2 is vulnerable to Cross Site Scripting (XSS)

Software Base64 Encoder/Decoder Type Plugin Vulnerable versions = 0.9.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3822 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 72ed251444bf Credits Francisco Spínola...

5.7AI score0.00741EPSS
Exploits2References3Affected Software1
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.37 views

WordPress plugin Base64 Encoder/Decoder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.8CVSS6.5AI score0.00741EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.6 views

PT-2024-27905 · WordPress · Base64 Encoder/Decoder

Name of the Vulnerable Software and Affected Versions: Base64 Encoder/Decoder WordPress plugin versions 0.9.2 and earlier Description: The issue concerns a lack of CSRF check when updating settings in the plugin, along with missing sanitization and escaping. This could allow attackers to make...

2.4CVSS5.3AI score0.00217EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.11 views

PT-2023-32951 · Php · Php

Name of the Vulnerable Software and Affected Versions: Base64 Encoder/Decoder WordPress plugin versions 0.9.2 and earlier PHP versions prior to 8.0.30 PHP versions prior to 8.1.22 PHP versions prior to 8.2.8 Description: The issue concerns a lack of CSRF check in the Base64 Encoder/Decoder...

5.5CVSS6.3AI score0.00202EPSS
Exploits2References6
GithubExploit
GithubExploit
added 2022/01/04 2:48 p.m.533 views

Exploit for Unrestricted Upload of File with Dangerous Type in Embedthis Goahead

CVE-2021-42342 CVE-2021-42342 RCE POC1:just prints c in...

9.8CVSS9.7AI score0.5946EPSS
Exploits2
Kitploit
Kitploit
added 2021/07/18 12:30 p.m.77 views

DNSStager - Hide Your Payload In DNS

DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and return your payload as a response to specific record requests such as AAAA or TXT records after splitting...

7.6AI score
Exploits0References3
Metasploit
Metasploit
added 2018/04/21 8:54 a.m.27 views

Ruby Base64 Encoder

This encoder returns a base64 string encapsulated in eval%base64 encoded string.unpack%m0.first. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby Base64 Encoder', 'Description' = %q This...

7AI score
Exploits0
exploitpack
exploitpack
added 2012/01/30 12:0 a.m.21 views

HostBill App 2.3 - Remote Code Injection

HostBill App 2.3 - Remote Code Injection =-=-=-=-=-=-=-=-=-=-=-=-=-=-In The Name Of Allah, The Most Beneficent, The Most Merciful-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tybe: suffering from RemotE injection php code Vendor:hostbillapp.com + Software:HostBill + Version : v2.3 + author:Dr.DaShE TEAM:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/01/30 12:0 a.m.30 views

HostBill App 2.3 - Remote Code Injection

=-=-=-=-=-=-=-=-=-=-=-=-=-=-In The Name Of Allah, The Most Beneficent, The Most Merciful-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tybe: suffering from RemotE injection php code Vendor:hostbillapp.com + Software:HostBill + Version : v2.3 + author:Dr.DaShE TEAM: Team 403 ? - contact: Dasher403atgmail.c...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/06/25 12:0 a.m.53 views

WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection

source: https://www.securityfocus.com/bid/28107/info WebCT is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript code could run in the context of the...

7.4AI score
Exploits0
0day.today
0day.today
added 2003/06/08 12:0 a.m.35 views

Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl

Exploit for linux platform in category remote exploits ====================================================== Apache ; $host =...

7.1AI score
Exploits0
Rows per page
Query Builder