7657 matches found
Mezzanine 4.2.0 - Cross-Site Scripting
Mezzanine 4.2.0 - Cross-Site Scripting Security Advisory - Curesec Research Team 1. Introduction Affected Product: Mezzanine 4.2.0 Fixed in: 4.2.1 Fixed Version Link: https://github.com/stephenmcd/mezzanine/releases/tag/4.2.1 Vendor Website: http://mezzanine.jupo.org/ Vulnerability Type: XSS Remo...
FUDforum 3.0.6 - Cross-Site Scripting Cross-Site Request Forgery
FUDforum 3.0.6 - Cross-Site Scripting Cross-Site Request Forgery Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable...
FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery
Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclosed to public:...
Mezzanine 4.2.0 - Cross-Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Mezzanine 4.2.0 Fixed in: 4.2.1 Fixed Version Link: https://github.com/stephenmcd/mezzanine/releases/tag/4.2.1 Vendor Website: http://mezzanine.jupo.org/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:...
WordPress Easy Facebook Like Box 4.3.0 CSRF / XSS
Exploit Title : WordPress Plugin Easy Facebook Like Box 4.3.0 - Cross-Site Request Forgery / Persistent Cross-Site Scripting Exploit Author : Persian Hack Team Vendor Homepage : https://wordpress.org/plugins/easy-facebook-likebox/ Category: Webapps Tested on: Win Version: 4.3.0 Date: 2016/11/19 Po...
WordPress MailChimp 4.0.7 Cross Site Request Forgery / Cross Site Scripting
Exploit Title : WordPress Plugin MailChimp 4.0.7 - Cross-Site Request Forgery / Persistent Cross-Site Scripting Exploit Author : Persian Hack Team Vendor Homepage : https://wordpress.org/plugins/mailchimp-for-wp/ Category: Webapps Tested on: Win Version: 4.0.7 Date: 2016/11/19 PoC: I would like t...
FUDforum 3.0.6 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities
FUDforum version 3.0.6 suffers from cross site request forgery and cross site scripting vulnerabilities. 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable:...
Mezzanine 4.2.0 Cross Site Scripting Vulnerability
Mezzanine version 4.2.0 suffers from persistent cross site scripting vulnerabilities. 1. Introduction Affected Product: Mezzanine 4.2.0 Fixed in: 4.2.1 Fixed Version Link: https://github.com/stephenmcd/mezzanine/releases/tag/4.2.1 Vendor Website: http://mezzanine.jupo.org/ Vulnerability Type: XSS...
MoinMoin 1.9.8 Cross Site Scripting Vulnerability
MoinMoin version 1.9.8 suffers from cross site scripting vulnerabilities. 1. Introduction Affected Product: MoinMoin 1.9.8 Fixed in: 1.9.9 Fixed Version Link: http://static.moinmo.in/files/moin-1.9.9.tar.gz Vendor Website: https://moinmo.in Vulnerability Type: XSS Remote Exploitable: Yes Reported...
SPIP 3.1 Cross Site Scripting / Header Injection
Security Advisory - Curesec Research Team 1. Introduction Affected Product: SPIP 3.1 Fixed in: 3.1.2 / 3.0.23 Fixed Version Link: http://www.spip.net/endownload Vendor Website: http://www.spip.net/ Vulnerability Type: Reflected & Persistent XSS, Host Header Injection, httpOnly Cookie disclosure...
Mezzanine 4.2.0 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Mezzanine 4.2.0 Fixed in: 4.2.1 Fixed Version Link: https://github.com/stephenmcd/mezzanine/releases/tag/4.2.1 Vendor Website: http://mezzanine.jupo.org/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:...
FUDforum 3.0.6 Cross Site Request Forgery / Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclosed to public:...
MoinMoin 1.9.8 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: MoinMoin 1.9.8 Fixed in: 1.9.9 Fixed Version Link: http://static.moinmo.in/files/moin-1.9.9.tar.gz Vendor Website: https://moinmo.in Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/05/2016 Disclosed...
Adobe Marketing Cloud - Bypass & Persistent Vulnerability
Document Title: =============== Adobe Marketing Cloud - Bypass & Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1939 Release Date: ============= 2016-11-14 Vulnerability Laboratory ID VL-ID: ====================================...
Informatica: [marketplace.informatica.com] Persistent XSS through document title
Document titles are not properly escaped before being printed on https://marketplace.informatica.com/docs/ . By including a payload in a document title, an attacker can create a document with a persistent XSS vector which executes for anyone viewing the document page. Proof of concept === The...
MyBB 1.8.6 - Cross-Site Scripting
MyBB 1.8.6 - Cross-Site Scripting Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: XSS Remote Exploitable: Yes Report...
MyBB 1.8.6 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 01/29/2016 Disclosed...
Adobe Connect 9.5.7 - Cross-Site Scripting Vulnerability
Exploit for windows platform in category web applications Document Title: =============== Adobe Connect & Desktop v9.5.7 - Persistent Vulnerability References Source: ==================== Bulletin: https://helpx.adobe.com/security/products/connect/apsb16-35.html...
Adobe Connect & Desktop v9.5.6 - Persistent Vulnerability
Document Title: =============== Adobe Connect & Desktop v9.5.6 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1838 Security ID: PSIRT-5180 Bulletin: https://helpx.adobe.com/security/products/connect/apsb16-35.html Vulnerabilit...