Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

123 matches found

Hacker One
Hacker Oneadded 2016/06/17 11:35 a.m.37 views

Nextcloud: Stored XSS on Share-popup of a directory's Gallery-view

Hi, Nice with the program launch! Congrats! I noticed that there was a Share-icon when toggling to the Gallery-view of a directory under "Nextcloud Files": F99938 If your directory has a malicious name such as a HTML-payload: , this HTML will run when clicking on the Share-icon: F99937 I see that...

3.5CVSS0.1AI score0.01373EPSS
Exploits1
Packet Storm
Packet Stormadded 2011/11/29 12:0 a.m.60 views

Android content:// Information Disclosure

Android Data Stealing Web PageClick: Malicious Link"; // Stage 1: Redirect to Stage 2 which will force a download of the HTML/JS payload, then a few seconds later redirect // to the payload. We load the payload using a Content Provider so...

4.3CVSS6.6AI score0.26952EPSS
Exploits8
Prion
Prionadded 2009/01/28 6:30 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Web Dynpro WD in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document...

4.3CVSS5.3AI score0.01528EPSS
Exploits0References9
Rows per page
Query Builder