Lucene search
K

25 matches found

OSV
OSV
added 2019/05/07 7:29 p.m.3 views

CVE-2019-7687

cgi-bin/qcmapwebcgi on JioFi 4 jmr1140 AmtelJMR1140R12.07 devices has POST based reflected XSS via the Page parameter. No sanitization is performed for user input data...

6.1CVSS6.4AI score0.0155EPSS
Exploits3References5
Cvelist
Cvelist
added 2019/05/07 6:58 p.m.27 views

CVE-2019-7687

cgi-bin/qcmapwebcgi on JioFi 4 jmr1140 AmtelJMR1140R12.07 devices has POST based reflected XSS via the Page parameter. No sanitization is performed for user input data...

6.2AI score0.0155EPSS
Exploits3References5
Hacker One
Hacker One
added 2018/10/27 2:27 p.m.39 views

Shopify: POST-based XSS on apps.shopify.com

Hello Shopify team! I found a post-based XSS which may be shared to other users and occurs in firefox, IE, Edge. How to reproduce: 1. at partners.shopify.com go to apps - choose one - more actions - create shopify app store listing 2. you will get redirected to url with ?signature parameter. Full...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2018/05/21 12:0 a.m.30 views

Oracle Cross Site Scripting

Exploit Title: POST BASED XSS at ORACLE Date: 18 Oct 2017 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.oracle.com/ Software Link: Oracle App Service Version: Oracle App Service - XXX2017OCXXX Tested on: Chrome / FireFox / Opera / IE / Safari Browser Description : This script is...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/14 12:0 a.m.22 views

phpyun绕过360艰难的SQL注射

简要描述: 想在PHP云里进行一次SQL注射,真的是好难。 详细说明: 我首先发现了一个SQL注射,这个过程也不轻松。 在phpyun/model/class/action.class.php中 function getadminusershell if$SESSION'auid' && $SESSION'ashell' $row=$this-admingetusershell$SESSION'auid',$SESSION'ashell'; if!$row$this-logout;echo "无权操作!";die; if$GET'm'=="" || $GET'm'=="index" ||...

7.1AI score
Exploits0
Rows per page
Query Builder