Lucene search

221 matches found

Positive Technologies
added 2021/08/02 12:00 a.m. · 3 views

PT-2021-15976 · WordPress · Profilepress

Name of the Vulnerable Software and Affected Versions: User Registration, User Profiles, Login & Membership – ProfilePress (formerly WP User Avatar) WordPress plugin, versions prior to 3.1.8. Description: The issue allows high privilege users, such as admins, to set JavaScript payloads in some...

CVSS 4.8 · AI score 4.5 · EPSS 0.00296
Exploits: 2 · References: 5
CNNVD
added 2021/07/25 12:00 a.m. · 3 views

NCH Axon PBX Cross-Site Scripting Vulnerability

NCH Axon PBX is a set of virtual telephone exchange software used in business environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software. A security vulnerability exists in NCH Axon PBX due to the lack of...

CVSS 5.4 · AI score 5.1 · EPSS 0.00185
Exploits: 1 · References: 3
WPVulnDB
added 2021/06/28 12:00 a.m. · 17 views

ProfilePress < 3.1.8 - Authenticated Stored XSS

The plugin did not sanitise or escape some of its settings before saving them and outputting them back in the page, allowing high privilege users such as admins to set JavaScript payloads in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site...

CVSS 3.5 · AI score 0.8 · EPSS 0.00296
Exploits: 2 · Affected Software: 1
0day.today
added 2021/04/21 12:00 a.m. · 32 views

WordPress RSS for Yandex Turbo Plugin 1.29 - Stored Cross-Site Scripting (XSS) Vulnerability

Exploit Title: WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS) · Exploit Author: Himamshu Dilip Kulkarni · Software Link: https://wordpress.org/plugins/rss-for-yandex-turbo/ · Version: 1.29 · Tested on: Windows · Steps to reproduce vulnerability: 1. Install WordPress 5.6 2...

AI score 0.1
Exploits: 0
WPVulnDB
added 2021/04/21 12:00 a.m. · 25 views

RSS for Yandex Turbo < 1.30 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin did not properly sanitise the user inputs from its Счетчики settings tab before outputting them back in the page, leading to authenticated stored Cross-Site Scripting issues. PoC: As admin, navigate to Settings > Яндекс.Турбо > Счетчики and enter a payload such as " onmouseover="alert1 into a...

CVSS 3.5 · AI score 1.8 · EPSS 0.00332
Exploits: 2 · Affected Software: 1
NVD
added 2020/09/30 6:15 p.m. · 8 views

CVE-2020-25761

Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject JavaScript payloads in the parameters to perform various attacks such as stealing of cookies, sensitive information, etc...

CVSS 6.1 · EPSS 0.00434
Exploits: 2 · References: 4
Prion
added 2020/09/30 6:15 p.m. · 11 views

Input validation

Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject JavaScript payloads in the parameters to perform various attacks such as stealing of cookies, sensitive information, etc...

CVSS 4.3 · AI score 6.2 · EPSS 0.00434
Exploits: 2 · References: 3 · Affected Software: 1
Cvelist
added 2020/09/29 7:06 p.m. · 13 views

CVE-2020-25761

Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject JavaScript payloads in the parameters to perform various attacks such as stealing of cookies, sensitive information, etc...

AI score 6.2 · EPSS 0.00434
Exploits: 2 · References: 4
Exploit DB
added 2020/09/24 12:00 a.m. · 318 views

Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting

Title: Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting · Exploit Author: Rahul Ramkumar · Date: 2020-09-16 · Vendor Homepage: https://projectworlds.in · Software Link: https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip · Version: 1.0 · Tested On:...

AI score 7.4
Exploits: 0
Packet Storm
added 2020/09/22 12:00 a.m. · 218 views

Visitor Management System In PHP 1.0 Cross Site Scripting

Title: Visitor Management System in PHP 1.0 - Unauthenticated Stored XSS · Exploit Author: Rahul Ramkumar · Date: 2020-09-16 · Vendor Homepage: https://projectworlds.in · Software Link: https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip · Version: 1.0 · Tested On: Window...

AI score 6.4 · EPSS 0.00434
Exploits: 2
Huntr
added 2020/09/13 12:00 a.m. · 7 views

Cross-site Scripting (XSS) - Generic in forkcms/forkcms

Description: ForkCMS is an easy-to-use open source CMS built on Symfony Components; this package is vulnerable to Stored Cross-Site Scripting (XSS). https://github.com/forkcms/forkcms Steps to reproduce: 1. Install https://github.com/forkcms/forkcms locally or use https://demo.fork-cms.com/private/ with the demo...

AI score 6.4
Exploits: 0 · References: 1
Hacker One
added 2019/12/19 8:02 p.m. · 38 views

Pornhub: Self-XSS to Good-XSS - pornhub.com

The researcher was able to bypass the site-wide clickjacking protection (the X-Frame-Options header) in order to fully automate the exploitation of a self-XSS vulnerability, allowing attackers to execute arbitrary JavaScript payloads on the pornhub domain through iframes hosted on a third-party website...

AI score 4.3
Exploits: 0
OSV
added 2019/06/27 5:25 p.m. · 7 views

GHSA-MXJR-XMCG-FG7W Arbitrary Code Injection in mobile-icon-resizer

mobile-icon-resizer resizes large images for use as icons for iOS and Android. mobile-icon-resizer has a code execution vulnerability in versions before 0.4.3. mobile-icon-resizer takes an options object as an argument to define the resulting icons as such: var options = config: './config.js'...

CVSS 6.5 · AI score 7.4
Exploits: 0 · References: 4
Github Security Blog
added 2019/06/27 5:25 p.m. · 11 views

Arbitrary Code Injection in mobile-icon-resizer

mobile-icon-resizer resizes large images for use as icons for iOS and Android. mobile-icon-resizer has a code execution vulnerability in versions before 0.4.3. mobile-icon-resizer takes an options object as an argument to define the resulting icons as such: var options = config: './config.js'...

AI score 3.3
Exploits: 0 · References: 5 · Affected Software: 1
Hacker One
added 2019/02/15 7:09 a.m. · 15 views

Starbucks: Reflected XSS in https://www.starbucks.co.jp/store/search/

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Please indicate NA, if not applicable. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling...

AI score 6.2
Exploits: 0
CNVD
added 2018/04/27 12:00 a.m. · 1 view

WSO2 Identity Server dashboard cross-site scripting vulnerability

WSO2 Identity Server is an open source identity server from the U.S. company WSO2; it supports the Information Cards, OpenID and XACML identity frameworks. dashboard is one of its dashboard components. A cross-site scripting vulnerability exists in dashboard in WSO2 Identity Server version 5.5.0. A remote...

CVSS 5.4 · AI score 6.3 · EPSS 0.00956
Exploits: 5 · References: 1
FireEye
added 2017/06/30 7:00 p.m. · 21 views

Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative...

AI score 7.2
Exploits: 0
FireEye
added 2017/06/30 7:00 p.m. · 17 views

Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative...

AI score 0.7
Exploits: 0
exploitpack
added 2017/03/08 12:00 a.m. · 37 views

Navetti PricePoint 4.6.0.0 - SQL Injection Cross-Site Scripting Cross-Site Request Forgery

Navetti PricePoint 4.6.0.0 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery · title: Multiple vulnerabilities · product: Navetti PricePoint · vulnerable version: 4.6.0.0 · fixed version: 4.7.0.0 or higher · CVE number: -...

AI score 0.2
Exploits: 0
Node.js
added 2017/03/07 8:43 p.m. · 37 views

Arbitrary Code Injection

Overview: mobile-icon-resizer resizes large images for use as icons for iOS and Android. mobile-icon-resizer has a code execution vulnerability in versions before 0.4.3. mobile-icon-resizer takes an options object as an argument to define the resulting icons as such: var options = config:...

AI score 7.3
Exploits: 0 · Affected Software: 1