6245 matches found
ijitech.org XSS vulnerability
Open Bug Bounty ID: OBB-214686. Affected Website: ijitech.org. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
Debian: Security Advisory (DSA-3784-1)
The remote host is missing an update for the Debian...
shegame.com XSS vulnerability
Open Bug Bounty ID: OBB-206770. Affected Website: shegame.com. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
hioa.no XSS vulnerability
Vulnerable URL: http://www.hioa.no/content/search?SearchText=mafal' Details: Patched: No. Latest check for patch: 30.07.2017. Vulnerability type: XSS. Vulnerability status: Publicly disclosed. Alexa Rank: 73223. VIP website status: No. Check hioa.no SSL connection: Grad...
CVE-2016-5060
Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) description, (2) email, or (3) username parameter to user/save...
PT-2016-17: Cross-Site Scripting in SAP NetWeaver
The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in SAP NetWeaver. Reflected cross-site scripting in the "/com.sap.portal.themes.styleservice.LockingTestPortalComponent" component allows remote attackers to inject arbitrary HTML tags including...
CVE-2016-6320
Cross-site scripting (XSS) vulnerability in app/assets/javascripts/hosteditinterfaces.js in Foreman before 1.12.2 allows remote authenticated users to inject arbitrary web script or HTML via the network interface device identifier in the host interface form...
Open-Xchange: OX Guard: DOM Based Cross-Site Scripting
Summary: OX Guard's "Guest Reader" is vulnerable to DOM Based XSS. The vulnerable parameter is "templid". The reader.js script (see below) takes the parameter's value and injects it into the page/DOM without encoding/sanitizing it first. PoC:...
Fotoware Fotoweb Cross-site Scripting Vulnerability
Fotoware Fotoweb is prone to a cross-site scripting (XSS) vulnerability...
rsafrance.biz XSS vulnerability
Open Bug Bounty ID: OBB-171102. Affected Website: rsafrance.biz. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). Remediation Guide: OWASP XSS Prevention Cheat She...
DLA-555-1 python-django - security update
Bulletin has no description...
erc.europa.eu XSS vulnerability
Vulnerable URL: https://erc.europa.eu/getvideo/15148?height=353=650" Details: Patched: Yes, at 27.07.2017. Latest check for patch: 27.07.2017 10:40 GMT. Vulnerability type: XSS. Vulnerability status: Publicly disclosed. Alexa Rank: Unknown / Not calculated. VIP website...
CVE-2016-5704
Cross-site scripting (XSS) vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment...
Kagao 3.0 - Multiple Vulnerabilities
Application Name : Kagao v3.0 - Professional Classified Market Google Dork : inurl:/cat1.php?id2= Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Vendor Homepage : http://kogaoscript.com/ Vulnerable Type : SQL Injection & Cross Site Scripting...
Kagao 3.0 - Multiple Vulnerabilities
Application Name : Kagao v3.0 - Professional Classified Market Google Dork : inurl:/cat1.php?id2= Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Vendor Homepage : http://kogaoscript.com/ Vulnerable Type : SQL Injection & Cross Site Scripting Date : 2016-06-26 Tested on : Windows...
Real Estate Portal 4.1 - Multiple Vulnerabilities
Real Estate Portal v4.1 Remote Code Execution Vulnerability Vendor: NetArt Media Product web page: http://www.netartmedia.net Affected version: 4.1 Summary: Real Estate Portal is a software written in PHP, allowing you to launch powerful and...
Teampass v2.1.26 - Stored Cross Site Scripting Vulnerability
Document Title: Teampass v2.1.26 - Stored Cross Site Scripting Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1845. Release Date: 2016-05-23. Vulnerability Laboratory ID (VL-ID):...
wunderground.com XSS vulnerability
Vulnerable URL: https://www.wunderground.com/blog/nationalsummary/weather-underground-national-forecast-for-friday-april-29%27%22%3E%3CScRiPt%20%3Eprompt%28/OPENBUGBOUNTY/%29%3C/ScRiPt%3E-2016 Details: Patched: Yes, at 27.07.2017. Latest check for patch: 27.07.2017 08:...
ncga.state.nc.us XSS vulnerability
Open Bug Bounty ID: OBB-148849. Affected Website: ncga.state.nc.us. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
JVN#78482127: EC-CUBE plugin "Social-button Plugin Premium" and "Social-button Plugin" vulnerable to cross-site scripting
EC-CUBE plugin "Social-button Plugin Premium" and "Social-button Plugin" provided by Cyber-Will Inc. contain a cross-site scripting vulnerability (CWE-79). Impact: An arbitrary script may be executed on the user's web browser. Solution: Update the Software. Update to the latest version according to th...