Lucene search
K

7657 matches found

Vulnerability Lab
Vulnerability Lab
added 2016/11/09 12:0 a.m.31 views

Habari CMS v0.9.2 - (Backend Comments) XSS Vulnerability

Document Title: =============== Habari CMS v0.9.2 - Backend Comments XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1999 Release Date: ============= 2016-11-09 Vulnerability Laboratory ID VL-ID: ==================================== 19...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2016/11/09 12:0 a.m.34 views

Habari CMS v0.9.2 - (Backend Comments) XSS Vulnerability

Document Title: =============== Habari CMS v0.9.2 - Backend Comments XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1999 Release Date: ============= 2016-11-09 Vulnerability Laboratory ID VL-ID: ==================================== 19...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2016/11/09 12:0 a.m.54 views

Adobe Connect & Desktop v9.5.6 - Persistent Vulnerability

Document Title: =============== Adobe Connect & Desktop v9.5.6 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1838 Security ID: PSIRT-5180 Bulletin: https://helpx.adobe.com/security/products/connect/apsb16-35.html Vulnerabilit...

6.1CVSS0.07007EPSS
Exploits6
Exploit DB
Exploit DB
added 2016/11/09 12:0 a.m.69 views

Adobe Connect 9.5.7 - Cross-Site Scripting

Document Title: =============== Adobe Connect & Desktop v9.5.7 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1838 Security ID: PSIRT-5180 Bulletin: https://helpx.adobe.com/security/products/connect/apsb16-35.html...

6.1CVSS6.2AI score0.07007EPSS
Exploits6
Patchstack
Patchstack
added 2016/11/08 12:0 a.m.8 views

WordPress WassUp Real Time Analytics Plugin <= 1.9 - Persistent XSS

Because of this vulnerability attackers can inject malicious JavaScript code into the application, which will execute within the browser of any user who views the Activity Log, in general WP admin. Solution Update the plugin...

4.5AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2016/11/07 12:0 a.m.22 views

Edusson (Robotdon) BB Script Insertion

Document Title: =============== Edusson Robotdon BB - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1870 Release Date: ============= 2016-11-03 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2016/11/03 12:0 a.m.26 views

Edusson (Robotdon) BB - Bypass & Persistent Vulnerability

Document Title: =============== Edusson Robotdon BB - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1870 Release Date: ============= 2016-11-03 Vulnerability Laboratory ID VL-ID: ==================================== 18...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2016/11/02 12:0 a.m.37 views

Alienvault OSSIMUSM 5.3.1 - Persistent Cross-Site Scripting

Alienvault OSSIMUSM 5.3.1 - Persistent Cross-Site Scripting Details ======= Product: Alienvault OSSIM/USM Vulnerability: Stored XSS Author: Peter Lapp, lappsec gmail com CVE: CVE-2016-8581 CVSS: 3.5 Vulnerable Versions: Current Sessions. POC === The POC uses jQuery to send all session IDs on the...

4.3CVSS0.2AI score0.17058EPSS
Exploits5
0day.today
0day.today
added 2016/11/02 12:0 a.m.26 views

Moodle CMS 3.1.2 Cross Site Scripting / File Upload Vulnerabilities

Exploit for php platform in category web applications Title: Multiple Vulnerabilities - Moodle CMS -3.1.2 Application: Moodle CMS Versions Affected: = 3.1.2 Vendor URL: https://moodle.org/ Software URL: https://download.moodle.org/ Discovered by: Joel Vadodil Varghese Tested on: Windows 10 Pro...

7.1AI score
Exploits0
Drupal
Drupal
added 2016/11/02 12:0 a.m.20 views

Bootstrap - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-058

The Bootstrap theme enables you to integrate the Bootstrap framework with Drupal. The theme does not sufficiently filter potential user-supplied data when it's passed to certain templates can which lead to a Persistent Cross Site Scripting XSS vulnerability. CVE identifiers issued ACVE identifier...

6.2AI score
Exploits0References12
Packet Storm
Packet Storm
added 2016/11/01 12:0 a.m.29 views

Moodle CMS 3.1.2 Cross Site Scripting / File Upload

Title: Multiple Vulnerabilities - Moodle CMS -3.1.2 Application: Moodle CMS Versions Affected: = 3.1.2 Vendor URL: https://moodle.org/ Software URL: https://download.moodle.org/ Discovered by: Joel Vadodil Varghese Tested on: Windows 10 Pro Bugs: Persistent Cross Site Scripting, Non-Persistent...

Exploits0
Prion
Prion
added 2016/10/28 3:59 p.m.16 views

Command injection

In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 fixed in v0.13.1.knots20161027, the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history...

2.1CVSS6.9AI score0.0046EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/10/28 3:59 p.m.12 views

Cross site scripting

A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator...

4.3CVSS6AI score0.17058EPSS
Exploits5References3Affected Software2
CVE
CVE
added 2016/10/28 3:0 p.m.61 views

CVE-2016-8581

CVE-2016-8581 is a stored XSS vulnerability in the User-Agent header of the login process of AlienVault OSSIM/USM up to version 5.3.1, allowing an attacker to steal session IDs when an admin views current sessions. Root cause: improper handling of the User-Agent header enabling script injection. ...

6.1CVSS5.9AI score0.17058EPSS
Exploits5References3Affected Software2
Cvelist
Cvelist
added 2016/10/28 3:0 p.m.26 views

CVE-2016-8581

A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator...

6AI score0.17058EPSS
Exploits5References3
0day.today
0day.today
added 2016/10/26 12:0 a.m.37 views

Zenbership 107 - Multiple Vulnerabilities

Exploit for php platform in category web applications 1. ADVISORY INFORMATION ======================================== Title: Zenbership latest version - Multiple Vulnerabilities Application: Zenbership Class: Sensitive Information disclosure Versions Affected: alert'ExploitDB' HTTP Request POST...

0.2AI score
Exploits0
Metasploit
Metasploit
added 2016/10/25 2:41 p.m.71 views

Windows Manage Persistent EXE Payload Installer

This Module will upload an executable to a remote host and make it Persistent. It can be installed as USER, SYSTEM, or SERVICE. USER will start on user login, SYSTEM will start on system boot but requires privs. SERVICE will create a new service which will start the payload. Again requires privs...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/10/24 12:0 a.m.32 views

Zenbership 107 Cross Site Request Forgery / Cross Site Scripting

ADVISORY INFORMATION ======================================== Title: Zenbership latest version - Multiple Vulnerabilities Application: Zenbership Class: Sensitive Information disclosure Versions Affected: alert'ExploitDB' HTTP Request POST /zenbership/pp-functions/formprocess.php HTTP/1.1 Host:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/10/23 12:0 a.m.37 views

Zenbership 107 - Multiple Vulnerabilities

ADVISORY INFORMATION ======================================== Title: Zenbership latest version - Multiple Vulnerabilities Application: Zenbership Class: Sensitive Information disclosure Versions Affected: alert'ExploitDB' HTTP Request POST /zenbership/pp-functions/formprocess.php HTTP/1.1 Host:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/10/19 12:0 a.m.49 views

XhP CMS 0.5.1 - Cross-Site Request Forgery Persistent Cross-Site Scripting

XhP CMS 0.5.1 - Cross-Site Request Forgery Persistent Cross-Site Scripting Exploit Title: XhP CMS 0.5.1 - Cross-Site Request Forgery to Persistent Cross-Site Scripting Exploit Author: Ahsan Tahir Date: 19-10-2016 Software Link: https://sourceforge.net/projects/xhp/ Vendor:...

0.1AI score
Exploits0
Rows per page
Query Builder