356 matches found
CVE-2020-7934
In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify these fields with a particular XSS payload, and it will be stored in the database. The payload wi...
CVE-2020-7934
The CVE-2020-7934 entry describes a stored XSS vulnerability in LifeRay Portal CE 7.1.0–7.2.1 GA2, specifically in the MyAccountPortlet where First Name, Middle Name, and Last Name fields can be altered by an attacker and the payload is stored in the database. The malicious data is rendered when ...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the MyAccountPortlet fields such as First Name, Middle Name, and Last Name. A user can inject malicious scripts that persist within the database and are executed when other users view these modified fields...
CVE-2019-18456
An issue was discovered in GitLab Community and Enterprise Edition 8.17 through 12.4 in the Search feature provided by Elasticsearch integration. It has Insecure Permissions (issue 1 of 4)...
CVE-2019-18456
Removed by vendor...
Cross-site request forgery (CSRF)
Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book...
CVE-2019-13409
A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 2019/08/19. An attacker can use a union-based injection query string through a search meeting room feature to get the database schema and username/password...
Gila CMS 1.9.1 Cross Site Scripting
Exploit Title: Gila CMS search Cross Site Scripting Google Dork: intext:"Powered By Gila CMS" Date: 11.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://gilacms.com Software Link: https://gilacms.com/packages/downloadRelease/1.9.1.zip Demo Site: https://gilacms.com/demo/ Version:...
Another Facebook Bug Could Have Exposed Your Private Information
Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world's most popular social network at risk. Discovered by cybersecurity researchers...
grandcru.com.ar XSS vulnerability
Open Bug Bounty ID: OBB-682367

Description | Value
---|---
Affected Website: | grandcru.com.ar
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

elbuscolu.com XSS vulnerability
Open Bug Bounty ID: OBB-681693

Description | Value
---|---
Affected Website: | elbuscolu.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

brandzone.bz XSS vulnerability
Open Bug Bounty ID: OBB-680209

Description | Value
---|---
Affected Website: | brandzone.bz
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

kotsubu.net XSS vulnerability
Open Bug Bounty ID: OBB-678650

Description | Value
---|---
Affected Website: | kotsubu.net
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

birmilyonnokta.com XSS vulnerability
Open Bug Bounty ID: OBB-677783

Description | Value
---|---
Affected Website: | birmilyonnokta.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

bremen-tourismus.de XSS vulnerability
Open Bug Bounty ID: OBB-676137

Description | Value
---|---
Affected Website: | bremen-tourismus.de
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

bbf.org.au XSS vulnerability
Open Bug Bounty ID: OBB-675252

Description | Value
---|---
Affected Website: | bbf.org.au
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

usplastic.com XSS vulnerability
Open Bug Bounty ID: OBB-665957

Description | Value
---|---
Affected Website: | usplastic.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

aitonline.tv XSS vulnerability
Open Bug Bounty ID: OBB-664953

Description | Value
---|---
Affected Website: | aitonline.tv
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

battlearms.se XSS vulnerability
Open Bug Bounty ID: OBB-662507

Description | Value
---|---
Affected Website: | battlearms.se
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

krofian.biz XSS vulnerability
Open Bug Bounty ID: OBB-660953

Description | Value
---|---
Affected Website: | krofian.biz
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...