7657 matches found
WordPress Sell Photo 1.0.5 Cross Site Scripting
Exploit Title: Sell Photo Wordpress Plugin v1.0.5 - Persistent Cross-Site Scripting Date: 2020-08-14 Vendor Homepage: https://noorsplugin.com/ Vendor Changelog: https://wordpress.org/plugins/sell-photo/developers Exploit Author: Melbin K Mathew @melbinkm Author Advisory:...
CVE-2020-15597
SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field...
Cross site scripting
SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field...
CVE-2020-15597
SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field...
CVE-2020-15597
CVE-2020-15597 affects SOPlanning prior to or at version 1.46.01, where persistent XSS is possible through input fields Project Name, Statutes Comment, Places Comment, or Resources Comment due to insufficient input validation. The vulnerability is described across multiple sources (NVD, Red Hat a...
Lindy 42633 Cross-Site Scripting Vulnerability
The Lindy 42633 is a 4-port USB 2.0 Gigabit network server. A persistent cross-site scripting vulnerability exists in Lindy 42633 2.078.000. An attacker can exploit this vulnerability via a specially crafted server name to conduct cross-site scripting attacks...
CVE-2020-15060
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...
CVE-2020-15056
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...
Cross site scripting
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...
CVE-2020-15056
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...
CVE-2020-15056
CVE-2020-15056 affects TP-Link TL-PS310U USB Network Server devices up to version 2.079.000.t0210. Affected function is the server name setting under administrative privileges, allowing an attacker on the same network to perform persistent cross-site scripting via a crafted server name. The vulne...
Car Rental Management System 1.0 Cross Site Scripting
Exploit Title: Car Rental Management System v1.0 - Unauthenticated Persistent XSS Session Harvester Exploit Author: Bobby Cooke Date: August 6, 2020 Vendor Homepage: https://projectworlds.in Software Link: https://github.com/projectworlds32/Car-Rental-Syatem-PHP-MYSQL/archive/master.zip Version:...
Daily Expenses Management System 1.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Daily Expenses Management System 1.0 - Multiple Persistent Cross-Site Scripting Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...
Daily Expenses Management System 1.0 Cross SIte Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Daily Expenses Management System 1.0 - Cross-Site Request Forgery Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...
CVE-2020-15944
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticat...
CVE-2020-15944
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticat...
Input validation
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticat...
CVE-2020-15944
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticat...
US Government Warns of a New Strain of Chinese 'Taidoor' Virus
Intelligence agencies in the US have released information about a new variant of 12-year-old computer virus used by China's state-sponsored hackers targeting governments, corporations, and think tanks. Named "Taidoor, " the malware has done an 'excellent' job of compromising systems as early as...
Car Rental Management System 1.0 Cross Site Scripting
Exploit Title: Car Rental Management System v1.0 - Persistent Cross-Site Scripting Unauthenticated Exploit Author: Adeeb Shah @hyd3sec Date: August 3, 2020 Vendor Homepage: https://projectsworld.in/ Software Link:...