7660 matches found
Xnami 1.0 - Cross-Site Scripting
Xnami 1.0 - Cross-Site Scripting Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Date: 11-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID:...
Piwigo v2.8.2 & 2.9.1 CMS - Multiple Cross Site Vulnerabilities
Document Title: =============== Piwigo v2.8.2 & 2.9.1 CMS - Multiple Cross Site Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2005 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5692 CVE-ID: ======= CVE-2018-5692 Release Date...
SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability
Document Title: =============== SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1819 Release Notes:...
Magento Connect T1 Cross Site Scripting
Document Title: =============== Magento Connect T1 - Claim Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1469 Release Date: ============= 2018-01-08 Vulnerability Laboratory ID VL-ID: ==================================== 1469...
Taxi Booking Script 1.0 Cross Site Scripting
Exploit Title: Taxi Booking Script v1.0 - Cross-site Scripting XSS Date: 11.01.2018 Vendor Homepage: https://www.phpjabbers.com/taxi-booking-script/ Software Link: Demo: http://demo.phpjabbers.com/1515648238792/index.php?controller=pjAdminUsers&action=pjActionIndex&err=AU01 Version: 1.0 Category:...
Taxi Booking Script 1.0 - Cross-site Scripting
Exploit Title: Taxi Booking Script v1.0 - Cross-site Scripting XSS Date: 11.01.2018 Vendor Homepage: https://www.phpjabbers.com/taxi-booking-script/ Software Link: Demo: http://demo.phpjabbers.com/1515648238792/index.php?controller=pjAdminUsers&action=pjActionIndex&err=AU01 Version: 1.0 Category:...
Xnami 1.0 - Cross-Site Scripting
Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Date: 11-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID: CVE-2018-5370 Xnami facilitates the...
SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability
Document Title: =============== SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1819 Release Notes:...
Piwigo v2.8.2 & 2.9.1 CMS - Multiple Cross Site Vulnerabilities
Document Title: =============== Piwigo v2.8.2 & 2.9.1 CMS - Multiple Cross Site Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2005 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5692 CVE-ID: ======= CVE-2018-5692 Release Date...
Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access(CVE-2017-18014)
Vulnerability Summary The following advisory describes an unauthenticated persistent XSS that leads to unauthorized root access found in Sophos XG version 17. Sophos XG Firewall “provides unprecedented visibility into your network, users, and applications directly from the all-new control center...
Joomla! Easydiscuss Cross Site Scripting
Exploit Title: Joomla Plugin Easydiscuss inside the body, everything after the will be executed in the useras browser. Works with every version up to 4.0.20 2. Proof of Concept Login with permissions to post a message, insert in the body and add any html code after that, whenever a user tries to...
Cross site scripting
Multiple persistent stored Cross-Site-Scripting XSS vulnerabilities in the files /wb/admin/admintools/tool.php Droplet Description and /install/index.php Site Title in WebsiteBaker 2.10.0 allow attackers to insert persistent JavaScript code that gets reflected back to users in multiple areas in t...
Joomla Easydiscuss Component < 4.0.21 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla Plugin Easydiscuss inside the body, everything after the will be executed in the user’s browser. Works with every version up to 4.0.20 2. Proof of Concept Login with permissions to post a message, insert in the body and a...
WordPress Social Media Widget by Acurax 3.2.5 Plugin - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Social Media Widget by Acurax CSRF Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://www.acurax.com/ Software Link:...
Joomla! Component Easydiscuss 4.0.21 - Cross-Site Scripting
Joomla! Component Easydiscuss 4.0.21 - Cross-Site Scripting Exploit Title: Joomla Plugin Easydiscuss inside the body, everything after the will be executed in the user’s browser. Works with every version up to 4.0.20 2. Proof of Concept Login with permissions to post a message, insert in the body...
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery Exploit Title: Social Media Widget by Acurax CSRF Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://www.acurax.com/ Software Link:...
WordPress Admin Menu Tree Page View 2.6.9 Plugin - Cross-Site Request Forgery / Privilege Escalation
Exploit for php platform in category web applications Exploit Title: Admin Menu Tree Page View CSRF, Privilege Escalation Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://eskapism.se/ Software Link:...
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery Privilege Escalation
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery Privilege Escalation Exploit Title: Admin Menu Tree Page View CSRF, Privilege Escalation Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage:...
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting
Exploit Title: Joomla Plugin Easydiscuss inside the body, everything after the will be executed in the user’s browser. Works with every version up to 4.0.20 2. Proof of Concept Login with permissions to post a message, insert in the body and add any html code after that, whenever a user tries to...
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery
Exploit Title: Social Media Widget by Acurax CSRF Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://www.acurax.com/ Software Link: https://wordpress.org/plugins/acurax-social-media-widget Version: 3.2.5 Tested on:...