Lucene search
K

7660 matches found

Exploit DB
Exploit DB
added 2018/04/05 12:0 a.m.39 views

MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting

Exploit Title: MyBB Downloads Plugin v2.0.3 - Persistent XSS Date: 3/28/18 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=854 Version: 2.0.3 Tested on: Ubuntu 17.10 1. Description: It is a plugin which add...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/04/05 12:0 a.m.92 views

MyBB Downloads 2.0.3 Cross Site Scripting

Exploit Title: MyBB Downloads Plugin v2.0.3 - Persistent XSS Date: 3/28/18 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=854 Version: 2.0.3 Tested on: Ubuntu 17.10 1. Description: It is a plugin which add...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2018/03/28 12:0 a.m.46 views

Sandoba CP:Shop CMS 2016.1 Cross Site Scripting

Document Title: =============== Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2122 Release Date: ============= 2018-03-02 Vulnerability Laboratory ID VL-ID:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/03/27 12:0 a.m.47 views

AEF CMS 1.0.9 Cross Site Scripting

Document Title: =============== AEF CMS v1.0.9 - PM Persistent Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2123 Release Date: ============= 2018-02-18 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2018/03/24 8:0 p.m.16 views

CVE-2015-9257

BMC Remedy Action Request AR System 9.0 before 9.0.00 Service Pack 2 hot fix 1 has persistent XSS...

6.3AI score0.00647EPSS
Exploits0References1
CVE
CVE
added 2018/03/24 8:0 p.m.47 views

CVE-2015-9257

CVE-2015-9257 affects BMC Remedy Action Request (AR) System 9.0 prior to 9.0.00 Service Pack 2 hot fix 1. A persistent XSS vulnerability exists in Remedy AR System; impact is web UI based. To remediate, apply 9.0.00 SP2 hot fix 1 (or equivalent patched release) per linked disclosures. No exploita...

6.1CVSS6.3AI score0.00647EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2018/03/23 12:0 a.m.20 views

MyBB Last User's Threads In Profile 1.2 Cross Site Scripting

Exploit Title: MyBB Last User's Threads in Profile Plugin v1.2 - Persistent XSS Date: 3/19/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=910 Version: v1.2 Tested on: Ubuntu 17.10 1. Description:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/23 12:0 a.m.43 views

MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting

Exploit Title: MyBB Last User's Threads in Profile Plugin v1.2 - Persistent XSS Date: 3/19/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=910 Version: v1.2 Tested on: Ubuntu 17.10 1. Description:...

7AI score
Exploits0
Prion
Prion
added 2018/03/21 8:29 p.m.22 views

Cross site scripting

Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting...

4.3CVSS6.1AI score0.01298EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2018/03/21 8:29 p.m.19 views

CVE-2017-0917

Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting...

6.1CVSS6.2AI score
Exploits0References3
CVE
CVE
added 2018/03/21 8:0 p.m.74 views

CVE-2017-0917

CVE-2017-0917: GitLab Community Edition v10.2.4 vulnerability in the CI job component due to lack of input validation, causing persistent cross-site scripting. Confirmed details across multiple sources indicate a remote attacker could inject arbitrary script via CI job output, leading to potentia...

6.1CVSS6AI score0.01298EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/03/21 8:0 p.m.73 views

CVE-2017-0924

CVE-2017-0924 affects GitLab Community Edition 10.2.4, with a lack of input validation in the labels component that enables persistent cross-site scripting (XSS). Multiple sources (NVD entry for CVE-2017-0924, OpenVAS NASL, CNVD entry) corroborate that the vulnerability is tied to the labels comp...

6.1CVSS5.9AI score0.00771EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2018/03/21 8:0 p.m.27 views

CVE-2017-0917

Removed by vendor...

6.1CVSS6.7AI score0.01298EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/03/21 8:0 p.m.21 views

CVE-2017-0924

Removed by vendor...

6.1CVSS6.4AI score0.00771EPSS
Exploits0
Exploit DB
Exploit DB
added 2018/03/20 12:0 a.m.47 views

Coship RT3052 Wireless Router - Persistent Cross-Site Scripting

Exploit Title: Coship RT3052 Wireless Router - Persistent Cross Site Scripting XSS Date: 2018-03-18 Exploit Author: Sayan Chatterjee Vendor Homepage: http://en.coship.com/ Category: Hardware Wifi Router Version: 4.0.0.48 Tested on: Windows 10 CVE: CVE-2018-8772 Proof of Concept =================...

6.1CVSS6.4AI score0.01849EPSS
Exploits3
The Hacker News
The Hacker News
added 2018/03/13 4:37 p.m.61 views

13 Critical Flaws Discovered in AMD Ryzen and EPYC Processors

Security researchers claimed to have discovered 13 critical Spectre/Meltdown-like vulnerabilities throughout AMD's Ryzen and EPYC lines of processors that could allow attackers to access sensitive data, install persistent malware inside the chip, and gain full access to the compromised systems. A...

8AI score
Exploits0
OSV
OSV
added 2018/03/12 3:29 p.m.26 views

CVE-2016-9589

Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers...

7.5CVSS7.7AI score
Exploits0References13
Cvelist
Cvelist
added 2018/03/12 3:0 p.m.45 views

CVE-2016-9589

Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers...

7.3AI score0.03133EPSS
Exploits0References13
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.73 views

D-Link DIR-600M Wireless - Cross-Site Scripting

Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting Date: 11.02.2018 Vendor Homepage: http://www.dlink.co.in Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M Category: Hardware Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Hardware...

5.4CVSS5.5AI score0.02186EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/03/02 12:0 a.m.50 views

D-Link DIR-600M Wireless Cross Site Scripting

Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting Date: 11.02.2018 Vendor Homepage: http://www.dlink.co.in Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M Category: Hardware Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Hardware...

5.6AI score0.02186EPSS
Exploits5
Rows per page
Query Builder