Lucene search
+L

11 matches found

Hacker One
Hacker One
added 2026/05/04 1:17 p.m.28 views

PortSwigger Web Security: Burp Suite Professional: browser-powered crawl can write attacker-controlled files through file input handling

A vulnerability was discovered in Burp Suite Professional 2026.3.3 on Windows. When Burp Scanner's browser-powered crawler crawled an attacker-controlled website, the website could force Burp to write an attacker-controlled file to an attacker-controlled local path. The issue was caused by Burp's...

5.4AI score
Exploits0
wpexploit
wpexploit
added 2023/04/19 12:0 a.m.171 views

RapidExpCart <= 1.0 - Stored XSS via CSRF

The plugin does not sanitize and escape the url parameter in the rapidexpcart endpoint before storing it and outputting it back in the page, leading to a Stored Cross-Site Scripting vulnerability which could be used against high-privilege users such as admin, furthermore lack of csrf protection...

5.4CVSS8.3AI score0.00239EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/08/01 12:0 a.m.384 views

Wavlink WN533A8 Cross Site Scripting

Exploit Title: Wavlink WN533A8 - Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34048 Tested on: Windows Poc code history.pushState'', '', '/'...

6.1CVSS6.4AI score0.06313EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.309 views

Pharmacy Point of Sale System 1.0 - &#039;Add New User&#039; Cross-Site Request Forgery (CSRF)

Exploit Title: Pharmacy Point of Sale System 1.0 - 'Add New User' Cross-Site Request Forgery CSRF Date: 10/11/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/12 12:0 a.m.180 views

HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: HRSALE 1.1.8 - Cross-Site Request Forgery Add Admin Exploit Author: Ismail Akıcı Vendor Homepage: http://hrsale.com/ Software Link : http://demo.hrsale.com/ Software : HRSALE v1.1.8 Product Version: v1.1.8 Vulnerability Type :...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2020/03/12 12:0 a.m.120 views

HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin)

HRSALE 1.1.8 - Cross-Site Request Forgery Add Admin Exploit Title: HRSALE 1.1.8 - Cross-Site Request Forgery Add Admin Date: 2020-03-11 Exploit Author: Ismail Akıcı Vendor Homepage: http://hrsale.com/ Software Link : http://demo.hrsale.com/ Software : HRSALE v1.1.8 Product Version: v1.1.8...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2019/05/21 12:0 a.m.90 views

TP-LINK TL-WR840N Cross Site Scripting

Exploit Title: TL-WR840N v5 00000005 Date: 5/10/2019 Exploit Author: purnendu ghosh Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.amazon.in/TP-LINK-TL-WR840N-300Mbps-Wireless-External/dp/B01A0G1J7Q Category: Hardware Firmware Version:0.9.1 3.16 v0001.0 Build 171211 Rel.5880...

5.2AI score0.01789EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/08/31 12:0 a.m.33 views

DamiCMS 6.0.0 - Cross-Site Request Forgery (Change Admin Password)

Exploit Title: DamiCMS 6.0.0 - Cross-Site Request Forgery Change Admin Password Author: AutismJH Date: 2018-08-30 Vendor Homepage: https://github.com/731276192/damicms Software Link: https://github.com/731276192/damicms Version: 6.0.0 CVE: CVE-2018-15844 Description: DamiCMS v6.0.0 allows CSRF to...

8.8CVSS9AI score0.02467EPSS
Exploits3
Kitploit
Kitploit
added 2018/05/26 11:9 p.m.21 views

Burpa - A Burp Suite Automation Tool

A Burp Suite Automation Tool With Slack Integration. Requirements burp-rest-api Burp Suite Professional slackclient Usage $ python burpa.py -h / / / / / / / / / / / // / // / / / // / // / /./,// / ./,/ // burpa version 0.1 / by 0x4D31 usage: burpa.py -h -a scan,proxy-config,stop -pP PROXYPORT...

7.5AI score
Exploits0References2
Exploit DB
Exploit DB
added 2014/10/14 12:0 a.m.55 views

Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities

------------------------ XSS 1 -------- POST parameters: - dataContacttitle ------------------------ input type="hidden" name="dataTokenkey" value="2627e9e204ad6b878db...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2013/05/16 12:0 a.m.33 views

WordPress Plugin WP Cleanfix - Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/59940/info The WP cleanfix plugin for WordPress is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are...

7AI score
Exploits0
Rows per page
Query Builder