Lucene search
K

7657 matches found

Prion
Prion
added 2017/07/17 1:18 p.m.20 views

Cross site scripting

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the...

3.5CVSS5.5AI score0.01078EPSS
Exploits0References3Affected Software1
0day.today
0day.today
added 2017/07/04 12:0 a.m.66 views

Xenforo Forum CMS 1.5.13 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications +---------------------------------------------------------+ | Vulnerable Software: Xenforo Forum CMS | | Vendor: http://xenforo.com | | Vulnerability Type: Persistent XSS authenticated | | Date Released: 07/04/2017 | | Released by: MLT |...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2017/07/02 9:42 a.m.24 views

Keybase: Persistent XSS on keybase.io via "payload" field in `/user/sigchain_signature.toffee` template

Issue Keybase allows you to see other users' sigchains by navigating to /sigchain. The "Payload" field containing JSON related to the chainlink on the right side of the page is not correctly escaped during templating, leading to a persistent XSS as users have a high degree of control over the...

6AI score
Exploits0
Citrix
Citrix
added 2017/06/29 12:0 a.m.7 views

Unidesk Recipe for NP Desktop Logon Time Optimization v3

One very popular use case for VDI is for kiosk or lab machines. Uses for these types of desktops include classroom labs, library access and general computing in schools and corporations. Architects and Administrators of these types of use cases generally want to be able to define default...

6.8AI score
Exploits0
Prion
Prion
added 2017/06/28 1:29 p.m.12 views

Cross site scripting

Biscom Secure File Transfer versions 5.0.0.0 trough 5.1.1024 are vulnerable to post-authentication persistent cross-site scripting XSS in the "Name" and "Description" fields of a Workspace, as well as the "Description" field of a File Details pane of a file stored in a Workspace. This issue has...

3.5CVSS5.2AI score0.00879EPSS
Exploits1References3Affected Software1
Hacker One
Hacker One
added 2017/06/21 11:15 p.m.67 views

Pornhub: Stored XSS in the any user profile using website link

The researcher discovered a stored XSS in the Website field of a user's profile page. I discovered Stored XSS attack vector in the user profile page using Website field. A similar bug was fixed several months ago i got a Duplicate in that time, but after some time I checked this again, and... the...

6.1AI score
Exploits0
OpenVAS
OpenVAS
added 2017/06/13 12:0 a.m.8 views

Composr CMS v10.0.0 XSS Vulnerability

Composr CMS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:composr:cms";...

6.1AI score
Exploits0References1
seebug.org
seebug.org
added 2017/06/12 12:0 a.m.38 views

Craft CMS 2.6 - Cross-Site Scripting/Unrestricted File Upload

Technical Details & Description: ================================ The security risk of the xss vulnerability is estimated as medium with a common vulnerability scoring system count of 3.6. Exploitation of the persistent xss web vulnerability requires a limited editor user account with low...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2017/06/12 12:0 a.m.46 views

Evolution Script CMS 5.3 Cross Site Scripting

Document Title: =============== Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2075 Release Date: ============= 2017-06-07 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
0day.today
0day.today
added 2017/06/10 12:0 a.m.32 views

Craft CMS 2.6 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Craft CMS 2.6 - Cross-Site Scripting/Unrestricted File Upload Date: 2017-06-08 Exploit Author: Ahsan Tahir Vendor Homepage: https://craftcms.com Software Link: http://download.craftcdn.com/craft/2.6/2.6.2981/Craft-2.6.2981.zip...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2017/06/08 12:0 a.m.58 views

Composr CMS v10.0.0 - Cross Site Scripting Vulnerability

Document Title: =============== Composr CMS v10.0.0 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2066 Release Date: ============= 2017-06-08 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2017/06/08 12:0 a.m.31 views

Craft CMS 2.6 - Cross-Site Scripting

Craft CMS 2.6 - Cross-Site Scripting Exploit Title: Craft CMS 2.6 - Cross-Site Scripting/Unrestricted File Upload Date: 2017-06-08 Exploit Author: Ahsan Tahir Vendor Homepage: https://craftcms.com Software Link: http://download.craftcdn.com/craft/2.6/2.6.2981/Craft-2.6.2981.zip Version: 2.6 Teste...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2017/06/08 12:0 a.m.56 views

Craft CMS 2.6 - Cross-Site Scripting

Exploit Title: Craft CMS 2.6 - Cross-Site Scripting/Unrestricted File Upload Date: 2017-06-08 Exploit Author: Ahsan Tahir Vendor Homepage: https://craftcms.com Software Link: http://download.craftcdn.com/craft/2.6/2.6.2981/Craft-2.6.2981.zip Version: 2.6 Tested on: Kali Linux 2.0 | Windows 8.1...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2017/06/07 8:54 p.m.17 views

Hard-coded Passwords Make Hacking Foscam ‘IP Cameras’ Much Easier

Security researchers have discovered over a dozen of vulnerabilities in tens of thousands of web-connected cameras that can not be protected just by changing their default credentials. Vulnerabilities found in two models of IP cameras from China-based manufacturer Foscam allow attackers to take...

8.2AI score
Exploits0
Packet Storm
Packet Storm
added 2017/06/07 12:0 a.m.41 views

Craft CMS 2.6 Cross Site Scripting / File Upload

Exploit Title: Craft CMS 2.6 - Cross-Site Scripting/Unrestricted File Upload Date: 2017-06-08 Exploit Author: Ahsan Tahir Vendor Homepage: https://craftcms.com Software Link: http://download.craftcdn.com/craft/2.6/2.6.2981/Craft-2.6.2981.zip Version: 2.6 Tested on: Kali Linux 2.0 | Windows 8.1...

7.4AI score
Exploits0
CNVD
CNVD
added 2017/06/07 12:0 a.m.4 views

Subsonic Cross-Site Scripting Vulnerability

Subsonic is a media streaming server that allows users to save music or collect videos on the server. Subsonic suffers from a cross-site scripting vulnerability. A remote attacker could use this vulnerability to persistently inject arbitrary web script or HTML via the name of an uploaded image...

8.8CVSS6AI score0.15676EPSS
Exploits5References1
0day.today
0day.today
added 2017/06/07 12:0 a.m.78 views

Grav CMS 1.4.2 Admin Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: GravCMS Core Admin Plugin v1.4.2 - Persistent Cross-Site Scripting Date: 2017-06-07 Exploit Author: Ahsan Tahir Vendor Homepage: https://getgrav.org/ Software Link: https://getgrav.org/download/core/grav-admin/1.2.4 Version: 1.4...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2017/06/07 12:0 a.m.35 views

Composr CMS v10.0.0 - Cross Site Scripting Vulnerability

Document Title: =============== Composr CMS v10.0.0 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2066 Release Date: ============= 2017-06-07 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2017/06/07 12:0 a.m.38 views

GravCMS Core 1.4.2 Cross Site Scripting

Exploit Title: GravCMS Core Admin Plugin v1.4.2 - Persistent Cross-Site Scripting Date: 2017-06-07 Exploit Author: Ahsan Tahir Vendor Homepage: https://getgrav.org/ Software Link: https://getgrav.org/download/core/grav-admin/1.2.4 Version: 1.4.2 Tested on: Kali Linux 2.0 | Windows 8.1 Email:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/06/07 12:0 a.m.31 views

Grav CMS 1.4.2 Admin Plugin - Cross-Site Scripting

Grav CMS 1.4.2 Admin Plugin - Cross-Site Scripting Exploit Title: GravCMS Core Admin Plugin v1.4.2 - Persistent Cross-Site Scripting Date: 2017-06-07 Exploit Author: Ahsan Tahir Vendor Homepage: https://getgrav.org/ Software Link: https://getgrav.org/download/core/grav-admin/1.2.4 Version: 1.4.2...

6.7AI score
Exploits0
Rows per page
Query Builder