7654 matches found
Mapbox: Persistent cross-site scripting (XSS) in map attribution
Hello, I have found a Persistent Cross Site Scripting vulnerability when using a custom style uploaded by myself. Mapbox Studio allows create and upload styles for your maps. So if we create a new style with javascript code as attribution value it will be executed when loading a map that uses our...
Palo Alto Traps Server 3.1.2.1546 - Persistent XSS Vulnerability
Exploit for windows platform in category web applications !/usr/bin/ruby =begin ------------------------------------------------------------------------ Product: Palo Alto Traps Server formerly Cyvera Endpoint Protection Vendor: Palo Alto Networks Vulnerable Versions: 3.1.2.1546 Tested Version:...
Palo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting
Palo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting !/usr/bin/ruby =begin ------------------------------------------------------------------------ Product: Palo Alto Traps Server formerly Cyvera Endpoint Protection Vendor: Palo Alto Networks Vulnerable Versions: 3.1.2.1546 Tested...
Persistent Systems Radia Client Automation Command Execution - Ver2 (CVE-2015-1497)
A command execution vulnerability exists in Persistent Systems Radia Client Automation. The vulnerability is due to missing authentication while processing requests to the radexecd process. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to the affecte...
Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability
Document Title: =============== Ebay Inc Xcom 7 - Policy Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1228 Release Date: ============= 2015-03-25 Vulnerability Laboratory ID VL-ID: ==================================== 1228...
Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability
Document Title: =============== Ebay Inc Xcom 7 - Policy Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1228 Release Date: ============= 2015-03-25 Vulnerability Laboratory ID VL-ID: ==================================== 1228...
Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability
Document Title: =============== Ebay Inc Xcom 6 - Persistent POST Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1227 Release Date: ============= 2015-03-24 Vulnerability Laboratory ID VL-ID: ==================================== 122...
Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability
Document Title: =============== Ebay Inc Xcom 6 - Persistent POST Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1227 Release Date: ============= 2015-03-24 Vulnerability Laboratory ID VL-ID: ==================================== 122...
Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability
Document Title: =============== Ebay Inc Xcom 4 - Item Preview Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1215 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 12...
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities
Document Title: =============== SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1314 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 1314...
DokuWiki 2014-09-29c Cross Site Scripting
Advisory ID: SGMA15-001 Title: DokuWiki persistent Cross Site Scripting Product: DokuWiki Version: 2014-09-29c and probably prior Vendor: www.dokuwiki.org Vulnerability type: Persistent XSS Risk level: Medium Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-03-18...
Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability
Document Title: =============== Ebay Inc Xcom 4 - Item Preview Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1215 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 12...
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities
Document Title: =============== SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1314 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 1314...
Telescope 0.9.2 - Markdown Persistent Cross-Site Scripting
Exploit Title: Persistent XSS via Markdown on Telescope = 0.9.2 Date: Aug 22 2014 Exploit Author: shubs Vendor Homepage: http://www.telescopeapp.org/ Software Link: https://github.com/TelescopeJS/Telescope Version: = 0.9.2 CVE : CVE-2014-5144 Telescope 0.9.2 and below suffer from a persistent cro...
Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting Vendor: Moodle Pty Ltd Product web page: https://www.moodle.org Affected version: 2.8.3, 2.7.5, 2.6.8 and 2.5.9 Summary: Moodle is a learning platform designed to provide...
Stealthy, Persistent DLL Hijacking Works Against OS X
DLL hijacking has plagued Windows machines back as far as 2000 and provides hackers with a quiet way to gain persistence on a vulnerable machine, or remotely exploit a vulnerable application. And now it’s come to Apple’s Mac OS X. This week at the CanSecWest conference in Vancouver, Synack direct...
Moodle 2.5.9 / 2.6.8 / 2.7.5 / 2.8.3 Cross Site Scripting
Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting Vendor: Moodle Pty Ltd Product web page: https://www.moodle.org Affected version: 2.8.3, 2.7.5, 2.6.8 and 2.5.9 Summary: Moodle is a learning platform designed to provide educators, administrators and learners with a single...
Moodle 2.5.92.6.82.7.52.8.3 - Block Title Handler Cross-Site Scripting
Moodle 2.5.92.6.82.7.52.8.3 - Block Title Handler Cross-Site Scripting Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting Vendor: Moodle Pty Ltd Product web page: https://www.moodle.org Affected version: 2.8.3, 2.7.5, 2.6.8 and 2.5.9 Summary: Moodle is a learning platform...
Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting
Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting Vendor: Moodle Pty Ltd Product web page: https://www.moodle.org Affected version: 2.8.3, 2.7.5, 2.6.8 and 2.5.9 Summary: Moodle is a learning platform designed to provide educators, administrators and learners with a single...
WoltLab Community Gallery - Persistent Cross-Site Scripting
WoltLab Community Gallery - Persistent Cross-Site Scripting Vulnerability title: Community Gallery - Stored Cross-Site Scripting vulnerability Product: Community Gallery Vendor: https://www.woltlab.com Affected version: Community Gallery 2.0 before 12/10/2014 Download link:...