Lucene search
+L

172 matches found

OSV
OSV
added 2017/11/15 12:0 a.m.3 views

UBUNTU-CVE-2017-7837

SVG loaded through "" tags can use "" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox 57...

5.3CVSS6.8AI score0.01471EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2017/11/14 12:0 a.m.49 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2017-7828: Use-after-free of PressShell while restyling layout CVE-2017-7830: Cross-origin URL information leak through Resource Timing API CVE-2017-7831: Information disclosure of exposed properties on JavaScript proxy objects CVE-2017-7832: Domain spoofing throug...

10CVSS7.1AI score0.07439EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2017/09/09 12:0 a.m.33 views

jRank Topsites 1.0 Cross Site Request Forgery / Code Injection

Meta Tags File Footer File /tbody...

0.3AI score
Exploits0
Hacker One
Hacker One
added 2017/02/19 3:31 a.m.22 views

Yelp: Research papers on yelp are getting indexed by google bots.

While playing around to access some private information on yelp.com i was able to get access to research papers on yelp which are not supposed disclose publically. By framing a google dork i got access to most of your documents. Google Dork: site:starbucks.com ext:doc | ext:docx | ext:odt | ext:p...

6.5AI score
Exploits0
Hacker One
Hacker One
added 2016/11/12 8:13 p.m.103 views

VK.com: Stored XSS в личных сообщениях

Lack of data filtration, which leads to stored XSS in instant messenger service. Stored XSS in personal messages. The vulnerability exists due to the lack of filtering data which is taken from the META tags for demonstration preview of the site...

6.1AI score
Exploits0
Hacker One
Hacker One
added 2016/08/17 8:37 a.m.13 views

GitLab: XSS On meta tags in profile page

The profile page https://gitlab.com/u/ does not properly sanitize quotation marks, allowing for injection of attributes into the meta tags. This allows for redirection to phishing sites and other various nefarious things. I've managed to get my profile page to redirect to Bing by setting my bio t...

1.1AI score
Exploits0
Hacker One
Hacker One
added 2016/03/25 3:11 a.m.19 views

Snapchat: XSS found on Snapchat website

Hi Snapchat Team, I've found a reflected XSS vulnerability on this page: https://www.snapchat.com/add/snapchat Example: https://www.snapchat.com/add/%22%3E%3Ch1%3EXSS%3C%2Fh1%3E Note: you should visit the page with a mobile user-agent since the server displays different information based on the...

5.8AI score
Exploits0
NVD
NVD
added 2014/12/10 8:59 p.m.23 views

CVE-2014-9363

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter...

5.5CVSS6.4AI score0.01308EPSS
Exploits0References2
NVD
NVD
added 2014/12/10 8:59 p.m.14 views

CVE-2014-9362

Cross-site scripting XSS vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users with the "Edit path based meta tags" permission to inject arbitrary web script or HTML via vectors related to deleting a...

3.5CVSS5.2AI score0.00759EPSS
Exploits0References2
Prion
Prion
added 2014/12/10 8:59 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users with the "Edit path based meta tags" permission to inject arbitrary web script or HTML via vectors related to deleting a...

3.5CVSS5.6AI score0.00759EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/12/10 8:59 p.m.17 views

Open redirect

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter...

5.5CVSS6.8AI score0.01308EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/12/10 8:0 p.m.38 views

CVE-2014-9363

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter...

6.4AI score0.01308EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/12/10 8:0 p.m.29 views

CVE-2014-9362

Cross-site scripting XSS vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users with the "Edit path based meta tags" permission to inject arbitrary web script or HTML via vectors related to deleting a...

5.2AI score0.00759EPSS
Exploits0References2
CVE
CVE
added 2014/12/10 8:0 p.m.40 views

CVE-2014-9363

Open redirect vulnerability CVE-2014-9363 affects Drupal Meta tags quick module (7.x-2.x) prior to 7.x-2.8. The issue allows remote authenticated users to redirect others to arbitrary sites via the destination parameter in the path-based meta tag editing form. Impact is described as enabling phis...

5.5CVSS6.5AI score0.01308EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/12/10 8:0 p.m.41 views

CVE-2014-9362

CVE-2014-9362 : A cross-site scripting (XSS) vulnerability in the Drupal contributed module Meta tags quick (7.x-2.x) up to version 7.x-2.7 (not affecting Drupal core) allows remote authenticated users who have the Edit path based meta tags permission to inject arbitrary HTML/JS via the path-base...

3.5CVSS5.3AI score0.00759EPSS
Exploits0References2Affected Software1
Drupal
Drupal
added 2014/07/02 12:0 a.m.26 views

SA-CONTRIB-2014-067 - Meta Tags Quick - Multiple vulnerabilities

Meta tags quick adds meta tags editing to all non-administrative pages of Drupal site. Redirector abuse in path-based meta tag editing form When editing a path-based meta tag, module does not check destination parameter of the URL, allowing attacker to pass arbitrary URL to meta tag editing form...

5.5CVSS5.9AI score0.01308EPSS
Exploits0References11
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

fresh email script 1.0 - Multiple Vulnerabilities

No description provided by source. 1. +-----------------+-----------------+-----------------+ 2. +-----------------+Fresh Email Script+----------------+ 3. +-----------------versions: 1.0 to 1.11 - all 4. +-----------------exploits: file inclusion & cookie manipulation 5. +-----------------founde...

7.1AI score
Exploits0
w3af
w3af
added 2013/06/10 11:2 p.m.68 views

global_redirect

This plugin finds global redirection vulnerabilities. This kind of bugs are used for phishing and other identity theft attacks. A common example of a global redirection would be a script that takes a "url" parameter and when requesting this page, a HTTP 302 message with the location header to the...

Exploits0
w3af
w3af
added 2013/06/10 11:2 p.m.25 views

meta_tags

This plugin greps every page for interesting meta tags. Some interesting meta tags are the ones that contain : microsoft, visual, linux . Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres...

0.5AI score
Exploits0
NVD
NVD
added 2013/01/03 1:55 a.m.22 views

CVE-2012-5654

The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when configured to automatically generate description meta tags from node text, does not properly filter node content when creating tags, which might allow remote attackers to obtain sensitive information by reading the 1 description,...

4.3CVSS6.3AI score0.01191EPSS
Exploits0References3
Rows per page
Query Builder