
432 matches found

Cvelist
added 2019/10/10 9:4 p.m. | 25 views

CVE-2019-17495

A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows th...

9.4 AI score | 0.0558 EPSS
Exploits: 1 | References: 11
CVE
added 2019/09/11 10:55 p.m. | 118 views

CVE-2019-16250

CVE-2019-16250 affects the WordPress plugin Ocean Extra (

7.5 CVSS | 7.7 AI score | 0.01364 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
CNVD
added 2019/09/11 12:0 a.m. | 3 views

WordPress Ocean Extra plugin input validation error vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. Ocean Extra is a plugin used to add extensions to the Ocean theme. An input validation error vulnerability exists in the...

7.5 CVSS | 6.7 AI score | 0.01364 EPSS
Exploits: 1 | References: 1
Hacker One
added 2019/08/22 8:11 p.m. | 33 views

Slack: CSS Injection to disable app & potential message exfil

Tested on Slack for MacOS v4.0.2 - I've marked this as code injection since there was no "css injection" 1. In the app go to Preferences - Sidebar 2. Enable custom theming 3. Set the column BG to FFFFFF; html display:none; 4. The app will no-longer render this survives re-installs If this theme...

1 AI score
Exploits: 0
WPVulnDB
added 2019/07/04 12:0 a.m. | 29 views

Ocean Extra <= 1.5.8 - Unauthenticated Settings change and CSS injection

The Ocean Extra WordPress plugin was affected by an Unauthenticated Settings change and CSS injection security vulnerability...

5 CVSS | 3 AI score | 0.01364 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Hacker One
added 2019/06/05 8:40 p.m. | 102 views

Shopify: HTML injection in https://interviewing.shopify.com/index.php?candidate=

https://interviewing.shopify.com/index.php?candidate= is inserting the value of candidate into the DOM without any filtering, except that the equal sign can't appear in the payload; this allows an attacker to inject any HTML into the DOM. Of course reflected XSS payloads like ...something... will be...

1 AI score
Exploits: 0
Hacker One
added 2019/05/22 10:48 a.m. | 47 views

phpBB: CSS injection via BB code tag "█████"

The input to the "█████" BBcode tag is not properly filtered. It gets converted into a CSS style attribute for a span HTML element. Quotes " are removed, so there's no way to break out of the CSS style attribute. However it is possible to arbitrarily dress the resulting span element. To illustra...

5 CVSS | 7.3 AI score | 0.01077 EPSS
Exploits: 0
0day.today
added 2019/03/25 12:0 a.m. | 137 views

TCPDF 6.2.19 Deserialization / Remote Code Execution Exploit

TCPDF versions 6.2.19 and below suffer from a deserialization vulnerability that can allow for remote code execution. CVE-2018-17057: phar deserialization in TCPDF might lead to RCE --------------------------------------------------------------- Affected products ================= TCPDF While it ...

7.5 CVSS | 0.7 AI score | 0.26172 EPSS
Exploits: 7
Hacker One
added 2019/02/24 11:42 a.m. | 41 views

Grammarly: DOM based CSS Injection on grammarly.com

Summary: An attacker can inject an external css file which can lead to phishing attacks and xss in older browsers. Description: Within the main.js file the following code exists: javascript t.prototype.componentWillMount = function var e = this.getCtx.nav.waypoint.query, t = e.extcss, n =...

0.6 AI score
Exploits: 0
Hacker One
added 2018/10/17 3:43 p.m. | 2991 views

Chaturbate: Stored XSS on chaturbate.com (wish list)

Hi, I found a stored XSS on chaturbate.com Description The input wishlist in the bio of a user allows him/her to enter CSS properties, however some browsers like Opera or Internet Explorer are vulnerable to XSS through the attribute style. request http POST /accounts/editbio/ HTTP/1.1 Host:...

0.3 AI score
Exploits: 0
Hacker One
added 2018/07/24 6:2 p.m. | 250 views

Chaturbate: CSS Injection on /embed/ via bgcolor parameter leaks user's CSRF token and allows for XSS

Hi there, There's a CSS injection here: https://chaturbate.com/embed/admin/?bgcolor=%7D%7Bbackground:red&tour=nvfS&disablesound=0&campaign=iNSGX body, divmain, div.content, div.block, div.section margin: 0px; padding: 0px; body min-width:800px; div.content width: 100%; body background:...

1 AI score
Exploits: 0
Hacker One
added 2018/02/14 3:23 a.m. | 91 views

Coinbase: Stored CSS Injection

When creating a product, users can upload a logo. The logourl was not escaped properly, allowing an attacker to inject malicious characters into a style tag. This vulnerability did not allow for XSS due to our CSP, however, it did allow for CSS injection...

6.8 AI score
Exploits: 0
Hacker One
added 2017/10/12 8:42 p.m. | 22 views

Avito: CSS injection in avito.ru via IE11

Hi Team Security @avito I discovered CSS Injection on avito.ru in form search via IE11 Description CSS injection vulnerabilities arise when an application imports a style sheet from a user-supplied URL, or embeds user input in CSS blocks without adequate escaping. They are closely related to...

0.5 AI score
Exploits: 0
NVD
added 2017/07/17 1:18 p.m. | 25 views

CVE-2017-1000015

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

6.1 CVSS | 6.6 AI score | 0.00986 EPSS
Exploits: 0 | References: 2
OSV
added 2017/07/17 1:18 p.m. | 27 views

CVE-2017-1000015

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

6.1 CVSS | 6.9 AI score
Exploits: 0 | References: 2
OSV
added 2017/07/17 1:18 p.m. | 3 views

DEBIAN-CVE-2017-1000015

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

6.1 CVSS | 9.6 AI score | 0.00986 EPSS
Exploits: 0 | References: 1
Prion
added 2017/07/17 1:18 p.m. | 23 views

Design/Logic Flaw

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

4.3 CVSS | 6.5 AI score | 0.00986 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
UbuntuCve
added 2017/07/17 1:18 p.m. | 32 views

CVE-2017-1000015

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

6.1 CVSS | 6.7 AI score | 0.00986 EPSS
Exploits: 0 | References: 3
OSV
added 2017/07/17 1:18 p.m. | 0 views

UBUNTU-CVE-2017-1000015

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

6.1 CVSS | 6.7 AI score | 0.00986 EPSS
Exploits: 0 | References: 4
Cvelist
added 2017/07/13 8:0 p.m. | 27 views

CVE-2017-1000015

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

7.3 AI score | 0.00986 EPSS
Exploits: 0 | References: 2