Lucene search
K

897 matches found

Hacker One
Hacker One
โ€ขadded 2017/03/26 11:40 p.m.โ€ข18 views

Urban Dictionary: Session replay vulnerability in www.urbandictionary.com

Session replay vulnerability in www.urbandictionary.com I considered titling this bug "Session tokens not expiring", which is what you need to tell your development team. But I titled it as I did to emphasize at least one attack made possible by the bug. There may be others. Description Privilege...

0.2AI score
Exploits0
0day.today
0day.today
โ€ขadded 2017/03/04 12:0 a.m.โ€ข32 views

WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------ Cross-Site Scripting in Google Analytics Dashboard WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

7.1AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2017/03/03 12:0 a.m.โ€ข61 views

WordPress User Login Log 2.2.1 Cross Site Scripting

------------------------------------------------------------------------ Stored Cross-Site Scripting vulnerability in User Login Log WordPress Plugin ------------------------------------------------------------------------ Axel Koolhaas, July 2016...

Exploits0
Packet Storm
Packet Storm
โ€ขadded 2017/03/03 12:0 a.m.โ€ข45 views

WordPress Magic Fields 1 1.7.1 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Magic Fields 1 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016 ----------------------------------------------------------------------...

0.2AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2017/03/01 12:0 a.m.โ€ข58 views

WordPress Plugin User Login Log 2.2.1 - Cross-Site Scripting

Source: https://sumofpwn.nl/advisory/2016/storedcrosssitescriptingvulnerabilityinuserloginlogwordpressplugin.html Abstract A stored Cross-Site Scripting vulnerability was found in the User Login Log WordPress Plugin. This issue can be exploited by Subscriber or higher and allows an attacker to...

7.4AI score
Exploits0
OSV
OSV
โ€ขadded 2017/02/01 10:59 p.m.โ€ข4 views

CVE-2016-9703

IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information...

2.4CVSS5.8AI score0.00346EPSS
Exploits0References3
CNVD
CNVD
โ€ขadded 2017/01/10 12:0 a.m.โ€ข6 views

IBM Security Identity Manager Virtual Appliance Local Information Disclosure Vulnerability

IBM Security Privileged Identity Manager is an enterprise identity management security solution. The IBM Security Identity Manager Virtual Appliance does not properly log out of session tokens, which can allow unauthorized users to gain access to sensitive workstation information...

2.4CVSS6.8AI score0.00346EPSS
Exploits0References1
erpscan
erpscan
โ€ขadded 2016/12/13 12:0 a.m.โ€ข524 views

SAP NetWeaver AS JAVA 7.3 AS JAVA XSS in ctcprotocol/Protocol servlet

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.3 Vendor URL: SAP Bugs: XXS Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2406783 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XSS...

4.3CVSS6.3AI score0.0097EPSS
Exploits0
0day.today
0day.today
โ€ขadded 2016/11/28 12:0 a.m.โ€ข25 views

WordPress Image Gallery 1.9.65 Cross Site Scripting Vulnerability

WordPress Image Gallery plugin version 1.9.65 suffers from a persistent cross site scripting vulnerability. ------------------------------------------------------------------------ Stored Cross-Site Scripting in Gallery - Image Gallery WordPress Plugin...

6.7AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2016/11/21 12:0 a.m.โ€ข54 views

WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery

!-- Source: https://sumofpwn.nl/advisory/2016/persistentcrosssitescriptingininstagramfeedpluginviacsrf.html Persistent Cross-Site Scripting in Instagram Feed plugin via CSRF Abstract A persistent Cross-Site Scripting vulnerability was found in the Instagram Feed plugin. This issue allows an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2016/11/20 12:0 a.m.โ€ข43 views

WordPress Huge IT Portfolio Gallery 2.0.77 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Huge IT Portfolio Gallery WordPress Plugin ------------------------------------------------------------------------ Antonis Manaras, July 2016...

0.2AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2016/11/20 12:0 a.m.โ€ข46 views

WordPress Canvas - Shortcodes 1.92 Cross Site Scripting

------------------------------------------------------------------------ Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

0.3AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2016/11/13 12:0 a.m.โ€ข22 views

ShopZilla Comparision Shopping Script 2.3 Cross Site Scripting

======================================================================== | Title : shopzilla Comparison Shopping Script v2.3 xss vulnerability | Author : indoushka | email : [email protected] | Tested on : windows 8.1 FranASSais V.Pro | Version : v2.3 | Vendor :...

Exploits0
Packet Storm
Packet Storm
โ€ขadded 2016/11/11 12:0 a.m.โ€ข38 views

WordPress Google Maps 6.3.14 Cross Site Request Forgery

------------------------------------------------------------------------ Persistent Cross-Site Scripting in WP Google Maps Plugin via CSRF ------------------------------------------------------------------------ Sipke Mellema, July 2016...

0.3AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2016/11/09 12:0 a.m.โ€ข32 views

WordPress Calendar 1.3.7 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Calendar WordPress Plugin ------------------------------------------------------------------------ Remco Vermeulen, July 2016 ------------------------------------------------------------------------...

7.4AI score
Exploits0
0day.today
0day.today
โ€ขadded 2016/11/09 12:0 a.m.โ€ข32 views

WordPress Quotes Collection 2.0.5 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

7.1AI score
Exploits0
0day.today
0day.today
โ€ขadded 2016/11/09 12:0 a.m.โ€ข28 views

WordPress Calendar 1.3.7 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------ Cross-Site Scripting in Calendar WordPress Plugin ------------------------------------------------------------------------ Remco Vermeulen, July 2016...

7.1AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2016/11/08 12:0 a.m.โ€ข34 views

WordPress Caldera Forms 1.3.5.3 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Caldera Forms WordPress Plugin ------------------------------------------------------------------------ Jurgen Kloosterman, July 2016...

Exploits0
Packet Storm
Packet Storm
โ€ขadded 2016/10/15 12:0 a.m.โ€ข21 views

Codoforum 3.4 Build 19 Cross Site Scripting

======================================================================== | Title : codoforum.v.3.4.build-19 XSS vulnerability | Author : indoushka | email : [email protected] | Tested on : windows 8.1 FranASSais V.Pro | Version : 5.2.0 | Vendor : http://codoforum.com/ | Dork : Powered by...

7.4AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2016/10/08 12:0 a.m.โ€ข24 views

Kure 0.7.1 Cross Site Scripting

======================================================================== | Title : kure-0.7.1 XSS vulnerability | Author : indoushka | email : [email protected] | Tested on : windows 8.1 FranASSais V.Pro | Version : 0.7.1 | Vendor :...

7.4AI score
Exploits0
Rows per page
Query Builder