7660 matches found
MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting
Exploit Title: MyBB Downloads Plugin v2.0.3 - Persistent XSS Date: 3/28/18 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=854 Version: 2.0.3 Tested on: Ubuntu 17.10 1. Description: It is a plugin which add...
MyBB Downloads 2.0.3 Cross Site Scripting
Exploit Title: MyBB Downloads Plugin v2.0.3 - Persistent XSS Date: 3/28/18 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=854 Version: 2.0.3 Tested on: Ubuntu 17.10 1. Description: It is a plugin which add...
Sandoba CP:Shop CMS 2016.1 Cross Site Scripting
Document Title: =============== Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2122 Release Date: ============= 2018-03-02 Vulnerability Laboratory ID VL-ID:...
AEF CMS 1.0.9 Cross Site Scripting
Document Title: =============== AEF CMS v1.0.9 - PM Persistent Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2123 Release Date: ============= 2018-02-18 Vulnerability Laboratory ID VL-ID:...
CVE-2015-9257
BMC Remedy Action Request AR System 9.0 before 9.0.00 Service Pack 2 hot fix 1 has persistent XSS...
CVE-2015-9257
CVE-2015-9257 affects BMC Remedy Action Request (AR) System 9.0 prior to 9.0.00 Service Pack 2 hot fix 1. A persistent XSS vulnerability exists in Remedy AR System; impact is web UI based. To remediate, apply 9.0.00 SP2 hot fix 1 (or equivalent patched release) per linked disclosures. No exploita...
MyBB Last User's Threads In Profile 1.2 Cross Site Scripting
Exploit Title: MyBB Last User's Threads in Profile Plugin v1.2 - Persistent XSS Date: 3/19/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=910 Version: v1.2 Tested on: Ubuntu 17.10 1. Description:...
MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting
Exploit Title: MyBB Last User's Threads in Profile Plugin v1.2 - Persistent XSS Date: 3/19/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=910 Version: v1.2 Tested on: Ubuntu 17.10 1. Description:...
Cross site scripting
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting...
CVE-2017-0917
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting...
CVE-2017-0917
CVE-2017-0917: GitLab Community Edition v10.2.4 vulnerability in the CI job component due to lack of input validation, causing persistent cross-site scripting. Confirmed details across multiple sources indicate a remote attacker could inject arbitrary script via CI job output, leading to potentia...
CVE-2017-0924
CVE-2017-0924 affects GitLab Community Edition 10.2.4, with a lack of input validation in the labels component that enables persistent cross-site scripting (XSS). Multiple sources (NVD entry for CVE-2017-0924, OpenVAS NASL, CNVD entry) corroborate that the vulnerability is tied to the labels comp...
CVE-2017-0917
Removed by vendor...
CVE-2017-0924
Removed by vendor...
Coship RT3052 Wireless Router - Persistent Cross-Site Scripting
Exploit Title: Coship RT3052 Wireless Router - Persistent Cross Site Scripting XSS Date: 2018-03-18 Exploit Author: Sayan Chatterjee Vendor Homepage: http://en.coship.com/ Category: Hardware Wifi Router Version: 4.0.0.48 Tested on: Windows 10 CVE: CVE-2018-8772 Proof of Concept =================...
13 Critical Flaws Discovered in AMD Ryzen and EPYC Processors
Security researchers claimed to have discovered 13 critical Spectre/Meltdown-like vulnerabilities throughout AMD's Ryzen and EPYC lines of processors that could allow attackers to access sensitive data, install persistent malware inside the chip, and gain full access to the compromised systems. A...
CVE-2016-9589
Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers...
CVE-2016-9589
Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers...
D-Link DIR-600M Wireless - Cross-Site Scripting
Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting Date: 11.02.2018 Vendor Homepage: http://www.dlink.co.in Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M Category: Hardware Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Hardware...
D-Link DIR-600M Wireless Cross Site Scripting
Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting Date: 11.02.2018 Vendor Homepage: http://www.dlink.co.in Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M Category: Hardware Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Hardware...