6 matches found
WinNMP 跨站脚本漏洞
WinNMP is a WinNMP package for quickly setting up a development server. A cross-site scripting vulnerability exists in WinNMP version 19.02, which stems from susceptibility to cross-site scripting XSS attacks that could allow an attacker to send a specially crafted query to an authenticated user...
Session fixation
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...
CVE-2021-27930
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated or compromised user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers 1-click RCE...
Race condition
An improper authentication vulnerability can be exploited through a race condition that occurs in Ellucian Banner Web Tailor 8.8.3, 8.8.4, and 8.9 and Banner Enterprise Identity Services 8.3, 8.3.1, 8.3.2, and 8.4, in conjunction with SSO Manager. This vulnerability allows remote attackers to ste...
Honeywell XL Web II Controller Session Fixation Vulnerability
Honeywell XL Web Controller is a web-based SCADA system. A session fixation vulnerability exists in Honeywell XL Web II Controller, which can be exploited by an attacker to establish a new user session and steal authenticated sessions...
photopost50rc3.txt
PhotoPost 5.0RC3, All Enthusiast, Inc, multiple vulnerabilities March 05 2005 For your consideration. 1. BACKGROUND PhotoPost is a popular commercial image publishing software. Everyone loves showing off their photos! Add PhotoPost to your site, or let us install it for you, and your visitors wil...