7660 matches found

NVD
added 2017/11/10 11:29 p.m., 12 views

CVE-2017-16782

In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS...

6.1 CVSS | 6.3 AI score | 0.00772 EPSS
Exploits: 0 | References: 1

OSV
added 2017/11/10 11:29 p.m., 17 views

CVE-2017-16782

In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS...

6.1 CVSS | 6.8 AI score
Exploits: 0 | References: 1

Cvelist
added 2017/11/10 11:0 p.m., 20 views

CVE-2017-16782

In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS...

6.2 AI score | 0.00772 EPSS
Exploits: 0 | References: 1

OSV
added 2017/11/10 2:29 a.m., 5 views

CVE-2017-16568

Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Radio" functionality. This vulnerability allows attackers to inject malicious JavaScript payloads, which become permanently stored on the server and execute when a user plays the compromised radio...

5.4 CVSS | 5.8 AI score | 0.01985 EPSS
Exploits: 2 | References: 1

OSV
added 2017/11/10 2:29 a.m., 5 views

CVE-2017-16567

Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Favorites" feature. This vulnerability allows remote attackers to inject and permanently store malicious JavaScript payloads, which are executed when users access the affected functionality...

5.4 CVSS | 5.9 AI score | 0.02239 EPSS
Exploits: 3 | References: 1

Prion
added 2017/11/07 4:29 p.m., 16 views

Design/Logic Flaw

A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server...

6 CVSS | 6.4 AI score | 0.00973 EPSS
Exploits: 2 | References: 1 | Affected Software: 1

Packet Storm
added 2017/11/07 12:0 a.m., 42 views

Logitech Media Server 7.9.0 Cross Site Scripting

Exploit Title: Logitech Media Server : Persistent Cross Site Scripting (XSS) Shodan Dork: Search Logitech Media Server Date: 11/03/2017 Exploit Author: Dewank Pant Vendor Homepage: www.logitech.com Software Link: download link if available Version: 7.9.0 Tested on: Windows 10, Linux CVE : Applied Fo...

5.9 AI score | 0.02239 EPSS
Exploits: 4

OpenVAS
added 2017/11/07 12:0 a.m., 18 views

Logitech Media Server Multiple Persistent XSS Vulnerabilities

Logitech Media Server is prone to multiple stored cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.4 CVSS | 5.4 AI score | 0.02239 EPSS
Exploits: 4 | References: 2

ATTACKERKB
added 2017/11/06 10:29 p.m., 3 views

CVE-2017-16636

In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. Remote attackers are able to bypass the basic editor validation to trigger cross site scripting. The XSS is persistent and the request method to inject via edit...

5.4 CVSS | 4.3 AI score | 0.00608 EPSS
Exploits: 3 | References: 2

Prion
added 2017/11/06 10:29 p.m., 15 views

Cross site scripting

In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. Remote attackers are able to bypass the basic editor validation to trigger cross site scripting. The XSS is persistent and the request method to inject via edit...

3.5 CVSS | 5 AI score | 0.00608 EPSS
Exploits: 3 | References: 1 | Affected Software: 1

OSV
added 2017/11/06 10:29 p.m., 14 views

CVE-2017-16636

In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. Remote attackers are able to bypass the basic editor validation to trigger cross site scripting. The XSS is persistent and the request method to inject via edit...

5.4 CVSS | 5.8 AI score
Exploits: 0 | References: 1

Cvelist
added 2017/11/06 10:0 p.m., 25 views

CVE-2017-16636

In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. Remote attackers are able to bypass the basic editor validation to trigger cross site scripting. The XSS is persistent and the request method to inject via edit...

5.1 AI score | 0.00608 EPSS
Exploits: 3 | References: 1

CVE
added 2017/11/06 10:0 p.m., 59 views

CVE-2017-16636

In Bludit v1.5.2 and v2.0.1, CVE-2017-16636 describes a persistent XSS in the new page, new category, and edit post function body message context. An attacker can bypass basic editor validation to inject scripts via an unrecognized editor tag, with the GET method and a follow-up POST to persist t...

5.4 CVSS | 5 AI score | 0.00608 EPSS
Exploits: 3 | References: 1 | Affected Software: 1

0day.today
added 2017/11/06 12:0 a.m., 54 views

Logitech Media Server 7.9.0 - Radio URL Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Logitech Media Server : HTML code injection and execution. Shodan Dork: Search Logitech Media Server Date: 11/03/2017 Exploit Author: Dewank Pant Vendor Homepage: www.logitech.com Version: 7.9.0 Tested on: Windows 10, Linux...

3.5 CVSS | 0.1 AI score | 0.01985 EPSS
Exploits: 2

0day.today
added 2017/11/06 12:0 a.m., 36 views

Logitech Media Server 7.9.0 - favorites Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Logitech Media Server : Persistent Cross Site Scripting (XSS) Shodan Dork: Search Logitech Media Server Date: 11/03/2017 Exploit Author: Dewank Pant Vendor Homepage: www.logitech.com Software Link: download link if available...

3.5 CVSS | 6 AI score | 0.02239 EPSS
Exploits: 3

exploitpack
added 2017/11/03 12:0 a.m., 20 views

Logitech Media Server 7.9.0 - Radio URL Cross-Site Scripting

Logitech Media Server 7.9.0 - Radio URL Cross-Site Scripting Exploit Title: Logitech Media Server : HTML code injection and execution. Shodan Dork: Search Logitech Media Server Date: 11/03/2017 Exploit Author: Dewank Pant Vendor Homepage: www.logitech.com Version: 7.9.0...

0.5 AI score
Exploits: 0

exploitpack
added 2017/11/03 12:0 a.m., 24 views

Logitech Media Server 7.9.0 - favorites Cross-Site Scripting

Logitech Media Server 7.9.0 - favorites Cross-Site Scripting Exploit Title: Logitech Media Server : Persistent Cross Site Scripting (XSS) Shodan Dork: Search Logitech Media Server Date: 11/03/2017 Exploit Author: Dewank Pant Vendor Homepage: www.logitech.com Software Link: download link if available...

0.3 AI score
Exploits: 0

Exploit DB
added 2017/11/03 12:0 a.m., 17 views

Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting

Exploit Title: Logitech Media Server : Persistent Cross Site Scripting (XSS) Shodan Dork: Search Logitech Media Server Date: 11/03/2017 Exploit Author: Dewank Pant Vendor Homepage: www.logitech.com Software Link: download link if available Version: 7.9.0 Tested on: Windows 10, Linux CVE : Applied Fo...

7 AI score
Exploits: 0

Exploit DB
added 2017/11/03 12:0 a.m., 27 views

Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting

Exploit Title: Logitech Media Server : HTML code injection and execution. Shodan Dork: Search Logitech Media Server Date: 11/03/2017 Exploit Author: Dewank Pant Vendor Homepage: www.logitech.com Version: 7.9.0 Tested on: Windows 10, Linux CVE : Applied For. POC: 1. Access and go to the Radio URL...

7.4 AI score
Exploits: 0

Vulnerability Lab
added 2017/11/01 12:0 a.m., 44 views

TinyWebGallery v2.4 (TWGE) - Persistent XSS Vulnerability

Document Title: TinyWebGallery v2.4 (TWGE) - Persistent XSS Vulnerability References Source: https://www.vulnerability-lab.com/getcontent.php?id=1997 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16635...

5.4 CVSS | 5.8 AI score | 0.0078 EPSS
Exploits: 2