2424 matches found
[20190403] - Core - Object.prototype pollution in JQuery $.extend
The $.extend method of JQuery is vulnerable to Object.prototype pollution attacks...
PT-2019-1889
Name of the Vulnerable Software and Affected Versions jQuery versions 1.1.4 through 3.4.0 Description The issue is related to the jQuery.extend function, which mishandles the proto property, allowing an attacker to exploit Object.prototype pollution. This could lead to a denial of service,...
Back To Top - Moderately critical - Cross Site Scripting - SA-CONTRIB-2019-040
This module enables you to add a button that hovers in the bottom of your screen and allows users to smoothly scroll up the page using jQuery. The module doesn't sufficiently sanitize the code that gets printed on pages leading to a Cross Site Scripting XSS issue. This vulnerability is mitigated ...
jQuery UI < 1.10.0 Multiple Vulnerabilities
According to its self-reported version number, jQuery UI is prior to 1.10.0. Therefore, it may be affected by multiple vulnerabilities : - Cross-Site Scripting XSSS due to improper escaping of the tooltip title attribute. - Cross-Site Scripting XSS due to improper escaping of the title option in...
jQuery UI < 1.12.0 Cross-Site Scripting
According to its self-reported version number, jQuery UI is prior to 1.12.0. Therefore, it may be affected by a Cross-Site Scripting XSS vulnerability due to improper escaping of the closeText property. Note that the scanner has not tested for these issues but has instead relied only on the...
Mail.ru: Seven DOM-Based XSS Vulnerabilities | Execution in Login Sequence
DOM based XSS in tz.mail.ru tz.mail.ru belongs to extended scope I was able to exploit DOM XSS at the following endpoints. The vulnerability was exploitable on forbidden pages and the root cause lies in jquery. text https://tz.mail.ru/a/ https://tz.mail.ru/a/js/ https://tz.mail.ru/www/...
FreeBSD : rt -- XSS via jQuery (416ca0f4-3fe0-11e9-bbdd-6805ca0b3d42)
BestPractical reports : The version of jQuery used in RT 4.2 and 4.4 has a Cross-site Scripting XSS vulnerability when using cross-domain Ajax requests. This vulnerability is assigned CVE-2015-9251. RT does not use this jQuery feature so it is not directly vulnerable. jQuery version 1.12 no longe...
rt -- XSS via jQuery
BestPractical reports: The version of jQuery used in RT 4.2 and 4.4 has a Cross-site Scripting XSS vulnerability when using cross-domain Ajax requests. This vulnerability is assigned CVE-2015-9251. RT does not use this jQuery feature so it is not directly vulnerable. jQuery version 1.12 no longer...
Joomla ModPPCSimpleSpotLight 1.2 / 3.0 CSRF / Shell Upload
Exploit Title : Joomla ModPPCSimpleSpotLight Modules 1.2/3.0 CSRF Shell Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/03/2019 Vendor Homepage : pixelpointcreative.com Software Download Link :...
ZRECore 1.3.1 Database Configuration Disclosure
Exploit Title : ZRECore 1.3.1 Database Config Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 14/02/2019 Vendor Homepage : zend.com Software Download Link : github.com/zrecore/ZRECore/archive/master.zip Software Information Link :...
Cross-site Scripting (XSS)
jquery.terminal is vulnerable to cross-site scripting. It does not properly handle the formatting for backspaces and escape characters for terminal echo, allowing injection of malicious payload if the setting for anyLinks or invokeMethods is true...
Blueimp jQuery File Upload 9.22.0 Arbitrary File Upload
Exploit Title: Exploit for Blueimp's jQuery File Upload include include include include include include define BSIZE 1024 define DEBUG 1 define TESTONLY 0 void buildstring char p, char path, char arg, char ar1, int func; int main int argc, char argv int sock = 0, bytesread = 0, total = 0, functio...
Reflected Cross-Site Scripting
Overview Versions of jquery.terminal prior to 1.21.0 are vulnerable to Reflected Cross-Site Scripting. If the application has either of the options anyLinks or invokeMethods set to true, the application may execute arbitrary JavaScript through crafted malicious payloads due to insufficient...
Blueimp's jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
Exploit Title: Exploit for Blueimp's jQuery File Upload include include include include include include define BSIZE 1024 define DEBUG 1 define TESTONLY 0 void buildstring char p, char path, char arg, char ar1, int func; int main int argc, char argv int sock = 0, bytesread = 0, total = 0, functio...
Blueimps jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
Blueimps jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit Exploit Title: Exploit for Blueimp's jQuery File Upload include include include include include include define BSIZE 1024 define DEBUG 1 define TESTONLY 0 void buildstring char p, char path, char arg, char ar1, int func; int main...
Cross-site Scripting (XSS) Via Dialog CloseText
jquery-ui is vulnerable to cross-site scripting XSS attacks. A malicious user can execute arbitrary code to the closeText parameter of the dialog function...
Cross-site Scripting (XSS)
jquery-ui is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary script via the dialog due to a lack of sanitization...
Roxy Fileman 1.4.5 - Unrestricted File Upload Directory Traversal
Roxy Fileman 1.4.5 - Unrestricted File Upload Directory Traversal ====================================================================== Exploit Title:: Multiple Vulnerabilities Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link:...
HackerOne: Cross-site Scripting (XSS) on HackerOne careers page
Dear HackerOne team, Summary: I found DOM XSS at endpoint https://www.hackerone.com/careers, but can not bypass CSP. It's work on IE and Edge. Steps To Reproduce - JS file is "Masonry js file", vulnerability code: javascript //Checking for potential Lever source or origin parameters var pageUrl =...
Fedora 28 : python-XStatic-jquery-ui (2018-f972c1b36e)
Update Python 2 dependency declarations to new packaging standards Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...