ipaddress.com XSS vulnerability

Open Bug Bounty ID: OBB-399458 Description| Value ---|--- Affected Website:| ipaddress.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...

Mitsubishi Electric E-Designer BEGalil Driver Configuration IPAddress Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Mitsubishi Electric E-Designer BEYaskawaSMC Driver Configuration IPAddress Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Command execution vulnerability in the slaveip and virtual_ipaddress parameters of Kirin bastion machine

Kirin Fortress is the open source operations and maintenance fortress. A command execution vulnerability exists in the slaveip and virtualipaddress parameters of the KyLin Fortress, which can be exploited by an attacker to execute arbitrary code because the parameters are not specially filtered...

WordPress Zero Spam <= 2.1.1 - Unauthenticated Blind SQL Injection

The WordPress Zero Spam WordPress plugin was affected by an Unauthenticated Blind SQL Injection security vulnerability. HTTP request header: Client-IP: '+select0fromselectsleep10v+'...

WordPress iQ Block Country Plugin <= 1.1.19 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Vulnerable parameter is "ipaddress". Solution Update this plugin...

WordPress iQ Block Country Plugin <= 1.1.19 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Vulnerable parameter is "ipaddress". Solution Update this plugin...

CVE-2014-8388

Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ipaddress parameter in an HTML document...

Advantech WebAccess dvs.ocx IPAddress Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Updated net-snmp packages fix CVE-2012-6151

Updated net-snmp packages fix security vulnerability: Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service crash or infinite loop, CPU consumption, and hang by causing the AgentX subagent to...

Microsoft windows remote desktop PoC C# Exploit

It Case The Dead Blue Screen :D 4 DoS ! //ms12-020 "chinese shit" PoC //Tested On Win7 Ultimate & Win 2008 Server & Win 2003 Serrver R2 //C Coded By Yomi :D using System; using System.Net; using System.Net.Sockets; namespace RDPPoCExploit class Program public static readonly string strshell =...

CVE-2011-5150

Multiple cross-site scripting XSS vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the 1 ipaddress or 2 domain parameter to setup-network.php, different vectors than CVE-2011-5149. NOTE: the provenance ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the 1 ipaddress or 2 domain parameter to setup-network.php, different vectors than CVE-2011-5149. NOTE: the provenance ...

CVE-2011-5150

CVE-2011-5150 describes multiple XSS vulnerabilities in SpamTitan 5.07 and possibly earlier. The issue allows remote attackers or authenticated users to inject arbitrary JavaScript/HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, representing a different vector from CVE-20...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Milkeyway Captive Portal 0.1 and 0.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 ipAddress, 2 act, 3 username, and 4 unspecified other parameters in a authuser.php; and the 5 username and 6 unspecified other...

Hosting Controller &lt;= 6.1 HotFix 2.2 Add Domain without Quota Exploit

No description provided by source. !-- Change url /str0ke -- form method="post" name="addform" action="http://url/admin/iis/IISActions.asp?ActionType=AddSite&hostcustid=1&hostingplans=1" table tr class="looplistingDark" td width="19%" class="Contents"Website Name : /td td width="73%"...

CVE-2022-3530

Removed by vendor...