7657 matches found

Palo Alto Networks
added 2017/02/21 7:31 p.m. | 4 views

Cross-Site Scripting in the Management Web Interface

A persistent cross-site scripting (XSS) vulnerability exists in the management web interface (ref PAN-66838 / CVE-2017-5584). PAN-OS contains a post-authentication vulnerability that may allow for a persistent cross-site scripting (XSS) attack of the management web interface. Successful exploitation of...

5.4 CVSS | 5.8 AI score | 0.00836 EPSS
Exploits 0 | References 1
Packet Storm
added 2017/02/20 12:0 a.m. | 49 views

Telekom Cloud SSO Cross Site Scripting

Document Title: =============== Telekom Cloud SSO - Multiple Persistent XSS Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2021 Incident ID: 20161205FKr02 Vulnerability Magazine:...

7.4 AI score
Exploits 0
Packet Storm
added 2017/02/17 12:0 a.m. | 42 views

Elefant CMS 1.3.12-RC Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Elefant CMS 1.3.12-RC Fixed in: 1.3.13 Fixed Version https://github.com/jbroadway/elefant/releases/tag/ Link: elefant1313rc Vendor Website: https://www.elefantcms.com/ Vulnerability XSS Type: Remote Yes Exploitable:...

Exploits 0
0day.today
added 2017/02/15 12:0 a.m. | 26 views

WordPress Easy Table 1.6 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ============================================= MGC ALERT 2017-001 - Original release date: Feb 07, 2017 - Last revised: Feb 12, 2017 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score...

7.1 AI score
Exploits 0
Vulnerability Lab
added 2017/02/09 12:0 a.m. | 33 views

Telekom Cloud SSO - Multiple Persistent XSS Vulnerabilities

Document Title: =============== Telekom Cloud SSO - Multiple Persistent XSS Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2021 Incident ID: 20161205FKr02 Vulnerability Magazine:...

7.4 AI score
Exploits 0
Patchstack
added 2017/02/07 12:0 a.m. | 9 views

WordPress XO Security plugin <=1.5.2 - Persistent Cross-Site Scripting (XSS) vulnerability

WordPress XO Security plugin Persistent Cross-Site Scripting (XSS) vulnerability was found in 1.5.2 version. The password is not sanitized in failedlogin function. Solution: Update the plugin...

2.1 AI score
Exploits 0 | References 2 | Affected Software 1
OSV
added 2017/02/05 8:42 p.m. | 8 views

MGASA-2017-0042 Updated openssl packages fix security vulnerability

There is a carry propagation bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation (CVE-2016-7055). If an...

7.5 CVSS | 6.7 AI score | 0.57595 EPSS
Exploits 1 | References 3
Mageia
added 2017/02/05 8:42 p.m. | 69 views

Updated openssl packages fix security vulnerability

There is a carry propagation bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation (CVE-2016-7055). If an...

7.5 CVSS | 1.2 AI score | 0.57595 EPSS
Exploits 1 | References 2
Hacker One
added 2017/02/03 4:43 a.m. | 16 views

Brave Software: Brave payments remembers history even after clearing all browser data.

NOTE! Thanks for submitting a report! Please fill all sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty. Summary: As a user you expect the browser to not persist data after clearing browser data...

2.1 AI score
Exploits 0
Packet Storm
added 2017/02/02 12:0 a.m. | 161 views

Bitrix Site Manager Cross Site Scripting

Hello list! There is Cross-Site Scripting vulnerability in Bitrix Site Manager. ------------------------- Affected products: ------------------------- Vulnerable was the last version of Bitrix Site Manager at 12.06.2015, when I found this vulnerability on web site of Russian terrorists. At that...

7.4 AI score
Exploits 0
0day.today
added 2017/02/01 12:0 a.m. | 23 views

Revive Adserver 4.0.0 XSS / Deserialization / Session Fixation Vulnerabilities

Revive Adserver versions 4.0.0 and below suffer from cross site scripting, session fixation, and deserialization of untrusted data vulnerabilities. Revive Adserver 4.0.0 XSS / Deserialization / Session Fixation Applications affected: Revive Adserver Versions affected: = 4.0.1 Website:...

0.6 AI score
Exploits 0
The Hacker News
added 2017/01/20 7:21 a.m. | 13 views

How A Bug Hunter Forced Apple to Completely Remove A Newly Launched Feature

Recently Apple released a new Feature for iPhone and iPad users, but it was so buggy that the company had no option other than rolling back the feature completely. In November, Apple introduced a new App Store feature, dubbed "Notify" button — a bright orange button that users can click if they...

7 AI score
Exploits 0
Veracode
added 2017/01/20 6:20 a.m. | 8 views

Persistent Cross-site Scripting (XSS)

ghost is vulnerable to persistent cross-site scripting (XSS). This is because it fails to sanitize user data, thus making it possible for an attacker to supply crafted input in order to harm third party users...

6.1 AI score
Exploits 0
Hacker One
added 2017/01/20 1:40 a.m. | 15 views

Harvest: Persistent XSS on ForecastApp

When adding a new Person, by inserting this in First or Last Name, I've got a persistent XSS: The key for this is that the person with the XSS string must appear in one or more dropdown menus. In other words, the Person must be available to be assigned to at least one project. I can also trigger...

1 AI score
Exploits 0
0day.today
added 2017/01/20 12:0 a.m. | 52 views

Ghost Blog 0.11.3 Cross Site Scripting Vulnerability

Tempest Security Intelligence Advisory ADV-9/2017 - Ghost Blog version 0.11.3 suffers from a persistent cross site scripting vulnerability. Persistent Cross-Site Scripting XSS in Ghost ------------------------------------------------------- Author: - Patrick Costa Tempest Security Intelligence -...

6.7 AI score
Exploits 0
Vulnerability Lab
added 2017/01/18 12:0 a.m. | 42 views

Cisco Webex Meeting - Open Redirect Web Vulnerability

Document Title: =============== Cisco Webex Meeting - Open Redirect Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1950 PSIRT ID: 1079904098 Bulletin:...

5.8 CVSS | 0.2 AI score | 0.01021 EPSS
Exploits 2
exploitpack
added 2017/01/17 12:0 a.m. | 26 views

Courier Management System - SQL Injection

Courier Management System - SQL Injection Title : Courier Management System - Sql Injection and non-persistent XSS login portal Date: 17 January 2017 Exploit Author: Sibusiso Sishi [email protected] Tested on: Windows7 x32 Vendor: http://couriermanageme.sourceforge.net/ Version: not supplied...

0.9 AI score
Exploits 0
Vulnerability Lab
added 2017/01/16 12:0 a.m. | 52 views

Apple iOS (Notify iTunes) - Bypass & Persistent Vulnerability

Document Title: =============== Apple iOS Notify iTunes - Bypass & Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2024 Followup ID: 654962036 Vulnerability Magazine:...

7.1 AI score
Exploits 0
Packet Storm
added 2017/01/16 12:0 a.m. | 53 views

Apple iTunes Notify Script Insertion

Document Title: =============== Apple iTunes Notify - Bypass & Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2024 Followup ID: 654962036 Vulnerability Magazine:...

7.4 AI score
Exploits 0
0day.today
added 2017/01/16 12:0 a.m. | 19 views

Business Networking Script 8.11 - SQL Injection / Cross-Site Scripting Vulnerabilities

Exploit for php platform in category web applications Exploit Title : ----------- : Business Networking Script v8.11- SQLi & Persistent Cross Site Scripting Author : ----------------- : Ahmet Gurel Google Dork : --------- : - Date : -------------------- : 16/01/2017 Type : -------------------- :...

0.2 AI score
Exploits 0