Lucene search
+L

161 matches found

Huntr
Huntr
added 2020/11/03 12:0 a.m.18 views

Cross-site Scripting (XSS) - Generic in frappe/charts

Description frappe-charts is vulnerable to Cross-Site Scripting XSS. Steps To Reproduce 1. Open NPM repo https://www.npmjs.com/package/frappe-charts 2. Open the Explore demos https://frappe.io/charts 3. At the bottom find the sandbox Ref:...

0.5AI score
Exploits0References2
Kitploit
Kitploit
added 2020/10/21 11:30 a.m.1522 views

Pwndoc - Pentest Report Generator

PwnDoc is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. The main goal is to have more time to Pwn and less time to Doc by mutualizing data like vulnerabilities between users. Documentation Installation Data Vulnerabilitie...

7.5AI score
Exploits0References6
Carbon Black Blog
Carbon Black Blog
added 2020/09/29 3:0 p.m.35 views

Intrinsic Security at VMworld 2020

VMworld 2020 kicked off today and for the first time ever, hundreds of security experts took the virtual stage to unveil how organizations can build a future read business with a truly unified security approach. Not able to attend all the sessions you wanted to today? Check out our highlights bel...

0.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/14 5:55 p.m.9 views

demos.9lessons.info Cross Site Scripting vulnerability OBB-1336709

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/08/25 10:25 a.m.10 views

demos-server.com Cross Site Scripting vulnerability OBB-1275487

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Qualys Blog
Qualys Blog
added 2020/08/04 4:42 p.m.25 views

Join us at Black Hat USA 2020!

Qualys is excited to present two sponsored sessions at the Black Hat USA 2020 virtual event, open to all attendees with the free Business Hall pass. Register or log in to Black Hat USA 2020, and then view and register for these free sessions. Join us to learn about our new multi-vector EDR soluti...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/03/28 12:0 a.m.402 views

Webexcels Ecommerce CMS 2.x SQL Injection / Cross Site Scripting

Exploit Title: Webexcels Ecommerce CMS SQL Injection & XSS Vulnerability Google Dork: intext:intext:" By WEB EXCELS "+inurl:"?Id=" Date: 2020-03-27 Exploit Author: @ThelastVvV Vendor Homepage: https://www.webexcels.com/ Version: 2.x 2017,2018,2019,2020 Tested on: Ubuntu...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.263 views

Webexcels Ecommerce CMS 2.x SQL Injection / Cross Site Scripting Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Webexcels Ecommerce CMS SQL Injection & XSS Vulnerability Google Dork: intext:intext:" By WEB EXCELS "+inurl:"?Id=" Exploit Author: @ThelastVvV Vendor Homepage: https://www.webexcels.com/ Version: 2.x 2017,2018,2019,2020 Tested...

Exploits0
Cvelist
Cvelist
added 2019/12/27 6:53 p.m.18 views

CVE-2014-4544

Cross-site scripting XSS vulnerability in the Podcast Channels plugin 0.20 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the Filename parameter to getid3/demos/demo.write.php...

6.2AI score0.03779EPSS
Exploits1References1
CVE
CVE
added 2019/12/27 6:50 p.m.170 views

CVE-2014-4539

CVE-2014-4539 : A cross-site scripting (XSS) flaw in the WordPress Movies plugin (versions 0.6 and earlier) exists due to insufficient validation in the filename parameter of getid3/demos/demo.mimeonly.php. This allows remote attackers to inject arbitrary script/HTML, potentially executing code i...

6.1CVSS6.1AI score0.03983EPSS
Exploits2References1Affected Software1
Akamai Blog
Akamai Blog
added 2019/11/14 5:30 p.m.56 views

Visit Akamai at AWS re:Invent 2019

From December 2-6, the Las Vegas Strip will be jam-packed with tens of thousands of developers, engineers, admins, architects, and other technologists for AWS re:Invent, the annual learning conference hosted by Amazon Web Services for the global cloud computing community. Akamai is excited to be ...

0.2AI score
Exploits0
Wallarm Lab
Wallarm Lab
added 2019/03/28 4:58 p.m.51 views

Visit Wallarm at Google Cloud Next

April 9–11, San Francisco, CA We are excited to join the community of the GCP professionals and demonstrate Wallarm web and API protection solutions custom-built for Google Cloud-powered applications. A certified GCP-partner, Wallarm delivers AI-powered security solution built to help your busine...

0.1AI score
Exploits0
Kitploit
Kitploit
added 2019/01/17 12:28 p.m.129 views

Commix v2.7 - Automated All-in-One OS Command Injection And Exploitation Tool

Commix short for command injection exploiter is an automated tool written by Anastasios Stasinopoulos @ancst that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related...

8.3AI score
Exploits0References17
vulnersOsv
vulnersOsv
added 2019/01/07 7:14 p.m.4 views

org.apache.karaf.demos:web (=4.1.0) potentially affected by CVE-2018-11787 via org.apache.karaf:apache-karaf (=4.1.0)

org.apache.karaf:apache-karaf MAVEN version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.karaf:apache-karaf and may be impacted: - org.apache.karaf.demos:web =4.1.0 Source cves: CVE-2018-11787 Source advisory: OSV:GHSA-CQ9C-55R7-45...

8.1CVSS7.2AI score0.02573EPSS
Exploits0
OSV
OSV
added 2018/11/17 5:29 p.m.4 views

CVE-2018-19340

Guriddo Form PHP 5.3 has XSS via the demos/jqform/defaultnodb/default.php OrderID, ShipName, ShipAddress, ShipCity, ShipPostalCode, ShipCountry, Freight, or details parameter...

6.1CVSS5.8AI score0.00707EPSS
Exploits1References1
NVD
NVD
added 2018/11/17 5:29 p.m.27 views

CVE-2018-19340

Guriddo Form PHP 5.3 has XSS via the demos/jqform/defaultnodb/default.php OrderID, ShipName, ShipAddress, ShipCity, ShipPostalCode, ShipCountry, Freight, or details parameter...

6.1CVSS6.1AI score0.00707EPSS
Exploits1References1
Oracle linux
Oracle linux
added 2018/11/05 12:0 a.m.44 views

X.org X11 security, bug fix, and enhancement update

freeglut 3.0.0-8 - HTTPS URLs - Pin soname to libglut.so.3 in the %files glob 3.0.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 3.0.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora27BinutilsMassRebuild 3.0.0-5 - Rebuilt for...

9.8CVSS9.6AI score0.05907EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2018/03/20 3:34 p.m.216 views

My short review of “The Forrester Wave: Vulnerability Risk Management, Q1 2018”

Last week, March 14, Forrester presented new report about Vulnerability Risk Management VRM market. You can purchase it on official site for $2495 USD or get a free reprint on Rapid7 site. Thanks, Rapid7! I've read it and what to share my impressions. I was most surprised by the leaders of the...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/12/23 1:22 p.m.11 views

demos.9lessons.info XSS vulnerability

Open Bug Bounty ID: OBB-457737 Description| Value ---|--- Affected Website:| demos.9lessons.info Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Che...

6.4AI score
Exploits0
Akamai Blog
Akamai Blog
added 2017/08/31 1:24 p.m.65 views

Girls Who Code: That's a Wrap!

The Summer Immersion Program for Girls Who Code at Akamai wrapped up this past week. The girls finished their final projects and presented them at a graduation ceremony attended by friends and family as well as supporters and mentors from Akamai. The girls were divided into five teams for their...

7.1AI score
Exploits0
Rows per page
Query Builder