Lucene search

881 matches found

Cvelist
added 2018/07/07 5:0 p.m. | 11 views

CVE-2018-11351

script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting (XSS) vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could...

6 AI score | 0.00259 EPSS
Exploits 1 | References 1

CNVD
added 2018/06/20 12:0 a.m. | 3 views

ShopNx 1 Arbitrary File Upload Vulnerability

ShopNx 1 an Angular 5 single page application. ShopNx 1 suffers from an arbitrary file upload vulnerability that allows an attacker to upload a malicious html file or other file containing a JavaScript payload to steal user credentials...

7.2 AI score
Exploits 0 | References 1

NVD
added 2018/06/19 9:29 p.m. | 9 views

CVE-2018-12519

An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials...

8.8 CVSS | 8.5 AI score | 0.09441 EPSS
Exploits 5 | References 2

Prion
added 2018/06/19 9:29 p.m. | 14 views

Hardcoded credentials

An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials...

4 CVSS | 8.5 AI score | 0.09441 EPSS
Exploits 5 | References 2

Cvelist
added 2018/06/19 9:0 p.m. | 18 views

CVE-2018-12519

An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials...

8.6 AI score | 0.09441 EPSS
Exploits 5 | References 2

CVE
added 2018/06/19 9:0 p.m. | 57 views

CVE-2018-12519

Summary of CVE-2018-12519 : ShopNx (AngularJS/Node.js/MongoDB-based single-page shopping app) up to 2017-11-17 is vulnerable to an arbitrary file upload in the server-side application. The vulnerability allows a remote attacker to upload a malicious HTML file containing JavaScript payloads, enabl...

8.8 CVSS | 8.5 AI score | 0.09441 EPSS
Exploits 5 | References 2 | Affected Software 1

Packet Storm
added 2018/05/22 12:0 a.m. | 24 views

Private Message PHP Script 2.0 Cross Site Scripting

Exploit Title: Private Message PHP Script 2.0 - Persistent Cross-Site scripting Date: 2018-05-20 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/private-message-php-script/21027192?srank=1 Version: 2.0 Tested on: Windows Description : Private Message PHP Script...

Exploits 0

0day.today
added 2018/05/21 12:0 a.m. | 39 views

Private Message PHP Script 2.0 - Persistent Cross-Site scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Private Message PHP Script 2.0 - Persistent Cross-Site scripting Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/private-message-php-script/21027192?srank=1 Version: 2.0 Tested on: Windows...

Exploits 0

The Hacker News
added 2018/05/12 6:45 a.m. | 2 views

Severe Bug Discovered in Signal Messaging App for Windows and Linux

Security researchers have discovered a severe vulnerability in the popular end-to-end encrypted Signal messaging app for Windows and Linux desktops which could allow remote attackers to execute malicious code on recipients system just by sending a message—without requiring any user interaction...

7.5 AI score
Exploits 0

0day.today
added 2018/01/14 12:0 a.m. | 48 views

Zimbra Collaboration Suite Cross Site Scripting Vulnerability

Exploit for php platform in category web applications COMPASS SECURITY ADVISORY https://www.compass-security.com CVE ID : CVE-2017-8802 Product: Zimbra Collaboration Suite ZCS 1 Vendor: Synacor Inc. 2 Subject: Stored Cross-Site Scripting XSS Vulnerability Risk: High Effect: Exploitable by Anonymo...

3.5 CVSS | 5.9 AI score | 0.00307 EPSS
Exploits 2

Hacker One
added 2017/11/10 11:6 p.m. | 9 views

RubyGems: [gem server] Stored XSS via crafted JavaScript URL inclusion in Gemspec

Hi, A JavaScript URL injection in the homepage field within a Gemspec file can be leveraged to achieve stored XSS on the default gem server web interface, referenced here. When you install RubyGems, it adds the gem server command to your system. This is the fastest way to start hosting gems. As...

6.6 AI score
Exploits 0

Hacker One
added 2017/05/20 5:20 p.m. | 20 views

Concrete CMS: Stored XSS in Headline TextControl element in Express forms [ concrete5 8.1.0 ]

Intro Luke, I am your Crayons! Type of issue: Core CMS issue Level of severity: Internal Attack Vector Concrete5 version: 8.1.0 Summary There is Stored XSS vulnerability in Headline element of TextControl Express element. This vulnerability allows malicious user to embed JavaScript code and execu...

6.5 AI score
Exploits 0

Hacker One
added 2017/01/24 7:48 a.m. | 51 views

GitLab: [RDoc] XSS in project README files

Hi, While experimenting with parser bypass techniques, I discovered that RDoc markup could be used to inject a stored JavaScript payload into a project README.rdoc file. Please note that this issue is separate to my earlier report 200565 XSS with AsciiDoc markup, marked as duplicate. Steps to...

6.5 AI score
Exploits 0

Packet Storm
added 2016/11/20 12:0 a.m. | 43 views

WordPress Canvas - Shortcodes 1.92 Cross Site Scripting

Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin. Yorick Koster, July 2016...

0.3 AI score
Exploits 0

Hacker One
added 2016/11/14 9:7 p.m. | 39 views

PortSwigger Web Security: XSS in IE11 on portswigger.net via Flash

Hello Portswigger Security Team, There is a reflective XSS vulnerability in portswigger.net. The flash file https://portswigger.net/burp/tutorials/video-js/video-js.swf is from an old video.js library version 3.2.0 which is vulnerable to XSS. This XSS will be blocked by CSP instruction object-src...

0.4 AI score
Exploits 0

RedHat Linux
added 2016/10/17 8:42 a.m. | 2 views

chromium-browser: universal xss in bookmarks

Bookmark handling in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation of supplied data, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via crafted HTML pages, as demonstrated by an interpretation confli...

6.1 CVSS | 7.5 AI score | 0.00391 EPSS
Exploits 0 | References 5

Hacker One
added 2016/04/22 5:38 p.m. | 22 views

Concrete CMS: ProBlog 2.6.6 CSRF Exploit

Report Because the ProBlogs plugin did not validate the anti-csrf token on a POST request. A victim who is logged in could be fooled into clicking a malicious form styled to look like a link, image, etc which would create a page in their C5 website. Because the ProBlogs plugin does not validate t...

6.5 AI score
Exploits 0

Packet Storm
added 2016/04/18 12:0 a.m. | 21 views

WordPress Kento Post View Counter 2.8 CSRF / Cross Site Scripting

I would like to disclose CSRF and stored XSS vulnerability in Kento post view counter plugin version 2.8 . The vulnerable Fields for XSS are kentopvcnumberslang kentopvctodaytext kentopvctotaltext The combination of CSRF and XSS in this plugin can lead to huge damage of the website, as the two...

Exploits 0

Hacker One
added 2016/03/31 3:45 p.m. | 31 views

X (Formerly Twitter): XSS using javascript:alert(8007)

I want to report a xss bug. On apps.twitter.com I logged in and start with new app. In new app there is a field: website: where user has to gave website of app. I just put javascript:alert8007 payload and popup appears...

6.7 AI score
Exploits 0

Source Incite
added 2016/02/25 12:0 a.m. | 20 views

SRC-2016-0002 : ATutor LMS Multiple Reflected Cross Site Scripting Vulnerabilities

Vulnerability Details: A total of 704 reflected Cross Site Scripting (XSS) vulnerabilities were found that can allow remote attackers to inject arbitrary web script or html via unspecified parameters against vulnerable installations of ATutor. User interaction is required to exploit this...

7.1 AI score
Exploits 0