Lucene search
K

7660 matches found

exploitpack
exploitpack
added 2018/03/02 12:0 a.m.51 views

D-Link DIR-600M Wireless - Cross-Site Scripting

D-Link DIR-600M Wireless - Cross-Site Scripting Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting Date: 11.02.2018 Vendor Homepage: http://www.dlink.co.in Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M Category: Hardware Exploit Author: Prasenjit Kanti Paul...

3.5CVSS5.4AI score0.02186EPSS
Exploits5
Vulnerability Lab
Vulnerability Lab
added 2018/03/02 12:0 a.m.57 views

Sandoba CP:Shop CMS v2016.1 - Multiple XSS Vulnerabilities

Document Title: =============== Sandoba CP:Shop CMS v2016.1 - Multiple XSS Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2122 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13001 CVE-ID: ======= CVE-2018-13001 Release Date:...

6.1CVSS0.5AI score0.00813EPSS
Exploits3
Packet Storm
Packet Storm
added 2018/02/27 12:0 a.m.20 views

MyBB My Arcade 1.3 Cross Site Scripting

Exploit Title: MyBB My Arcade Plugin v1.3 - Persistent XSS Date: 2/21/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=411 Version: 1.3 Tested on: Ubuntu 17.10 1. Description: The My Arcade plugin adds ...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2018/02/27 12:0 a.m.14 views

MyBB My Arcade Plugin 1.3 - Cross-Site Scripting

MyBB My Arcade Plugin 1.3 - Cross-Site Scripting Exploit Title: MyBB My Arcade Plugin v1.3 - Persistent XSS Date: 2/21/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=411 Version: 1.3 Tested on: Ubuntu...

6.7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.21 views

MyBB My Arcade Plugin 1.3 - Cross-Site Scripting

Exploit Title: MyBB My Arcade Plugin v1.3 - Persistent XSS Date: 2/21/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=411 Version: 1.3 Tested on: Ubuntu 17.10 1. Description: The My Arcade plugin adds ...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/02/27 12:0 a.m.27 views

MyBB My Arcade Plugin 1.3 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB My Arcade Plugin v1.3 - Persistent XSS Date: 2/21/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=411 Version: 1.3 Tested on:...

0.1AI score
Exploits0
Prion
Prion
added 2018/02/24 2:29 a.m.10 views

Cross site scripting

DISPUTED mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. The 'Title' and 'Subtitle' fields of the 'Blog' page are vulnerable. NOTE: The software maintainer disputes this as a vulnerability because th...

3.5CVSS4.9AI score0.00734EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2018/02/24 2:0 a.m.13 views

CVE-2018-7447

mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. The 'Title' and 'Subtitle' fields of the 'Blog' page are vulnerable. NOTE: The software maintainer disputes this as a vulnerability because the fields...

5.8AI score0.00734EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/02/24 2:0 a.m.14 views

CVE-2018-7447

mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. The 'Title' and 'Subtitle' fields of the 'Blog' page are vulnerable. NOTE: The software maintainer disputes this as a vulnerability because the fields...

5.1AI score0.00734EPSS
Exploits0References2
CVE
CVE
added 2018/02/24 2:0 a.m.43 views

CVE-2018-7447

mojoPortal up to version 2.6.0.0 is affected by persistent cross-site scripting in the Blog page’s Title and Subtitle fields due to inadequate input sanitization. The vulnerability arises from failing to filter user input, enabling XSS in affected pages. The maintainer disputes this as a vulnerab...

4.8CVSS5AI score0.00734EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/02/22 12:0 a.m.27 views

FreeBSD : GitLab -- multiple vulnerabilities (86291013-16e6-11e8-ae9f-d43d7e971a1b)

GitLab reports : SnippetFinder information disclosure The GitLab SnippetFinder component contained an information disclosure which allowed access to snippets restricted to Only team members or configured as disabled. The issue is now resolved in the latest version. LDAP API authorization issue An...

5.5AI score
Exploits0References2
NVD
NVD
added 2018/02/21 4:29 p.m.21 views

CVE-2018-7261

There are multiple Persistent XSS vulnerabilities in Radiant CMS 1.1.4. They affect Personal Preferences Name and Username and Configuration Site Title, Dev Site Domain, Page Parts, and Page Fields...

5.4CVSS5.5AI score0.00609EPSS
Exploits2References2
Prion
Prion
added 2018/02/21 4:29 p.m.18 views

Cross site scripting

There are multiple Persistent XSS vulnerabilities in Radiant CMS 1.1.4. They affect Personal Preferences Name and Username and Configuration Site Title, Dev Site Domain, Page Parts, and Page Fields...

3.5CVSS5.4AI score0.00609EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2018/02/21 4:0 p.m.47 views

CVE-2018-7261

CVE-2018-7261 affects Radiant CMS 1.1.4 with multiple Persistent XSS vulnerabilities in Personal Preferences (Name/Username) and Configuration (Site Title, Dev Site Domain, Page Parts, Page Fields). Root cause: insufficient filtration/sanitization of user-supplied data. Impact: remote attacker ma...

5.4CVSS5.4AI score0.00609EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2018/02/21 4:0 p.m.23 views

CVE-2018-7261

There are multiple Persistent XSS vulnerabilities in Radiant CMS 1.1.4. They affect Personal Preferences Name and Username and Configuration Site Title, Dev Site Domain, Page Parts, and Page Fields...

5.5AI score0.00609EPSS
Exploits2References2
Prion
Prion
added 2018/02/21 1:29 a.m.15 views

Cross site scripting

An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...

4.3CVSS6.2AI score0.0078EPSS
Exploits1References1Affected Software2
NVD
NVD
added 2018/02/21 1:29 a.m.19 views

CVE-2018-7277

An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...

6.1CVSS6.3AI score0.0078EPSS
Exploits1References1
CVE
CVE
added 2018/02/21 1:0 a.m.40 views

CVE-2018-7278

The CVE-2018-7278 entry affects RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. The vulnerability is a persistent XSS in the web server, exploitable by remote attackers through the device’s BACnet implementation to inject arbitrary JavaScript. This is described across multiple sources (NVD...

6.1CVSS6.2AI score0.0078EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/02/21 1:0 a.m.24 views

CVE-2018-7278

An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...

6.3AI score0.0078EPSS
Exploits1References1
CVE
CVE
added 2018/02/21 1:0 a.m.32 views

CVE-2018-7277

CVE-2018-7277 affects RLE Wi-MGR/FDS-Wi 6.2 devices. A persistent XSS in the device web server, exploited via the BACnet implementation, allows remote attackers to inject malicious JavaScript. The issue is described as similar to a Cross Protocol Injection with SNMP. No explicit remediation or pa...

6.1CVSS6.2AI score0.0078EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder