Lucene search
K

191 matches found

Exploit DB
Exploit DB
added 2016/04/18 12:0 a.m.38 views

WordPress Plugin leenk.me 2.5.0 - Cross-Site Request Forgery / Cross-Site Scripting

I would like to disclose CSRF and stored XSS vulnerability in Wordpress plugin LeenkMe version 2.5.0. The plugin can be found at https://wordpress.org/plugins/leenkme/ In the page wp-content/plugins/leenkme/facebook.php XSS vulnerable Fields are : - facebookmessage - facebooklinkname -...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.50 views

PHPfileNavigator 2.3.3 Persistent & Reflected XSS

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILENAVIGATOR0812c.txt Vendor: ================================ pfn.sourceforge.net Product: =================================== PHPfileNavigator v2.3.3 pfn Is...

6.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Wireshark 1.10.7 - DoS PoC

No description provided by source. !/usr/bin/python Exploit Title: Wireshark Read Access Violation near NULL starting at libcairo2!cairoimagesurfacegetdata Date: May 15th 2014 Author: Osanda Malith Jayathissa E-Mail: osandajayathissaatgmail.com Version: 1.10.7 32-bit and 64-bit Vendor Homepage:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2013/10/14 12:0 a.m.6274 views

PHPFox 3.6.0 Cross Site Scripting

------------------------------------------------------------ Exploit Title: PHPFox v3.6.0 build6 Multiple Cross-Site Scripting vulnerabilities ------------------------------------------------------------ Author: BHG Security Center Date: Saturday, October 12, 2013 Vendor: http://www.phpfox.com...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2010/01/30 12:0 a.m.13 views

dotProject 2.1.3 - Cross-Site Scripting Improper Permissions

dotProject 2.1.3 - Cross-Site Scripting Improper Permissions Exploit Title: dotProject 2.1.3 XSS and Improper Permissions Date: Dec 15 2009 Author: h00die [email protected] & S0lus Software Link:...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2009/09/28 12:0 a.m.107 views

[ONSEC-09-011] UMI.CMS Multiple XSS

ONSEC-09-011 UMI.CMS Multiple XSS Цель: UMI CMS =2.7.3 Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 15.07.2009 Дата оповещения разработчика: 15.07.2009 Дата выхода исправления: 03.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание: Уязвимые поля...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2006/11/16 12:0 a.m.27 views

blogmev3.txt

vendor site:http://www.drumster.net/ product:Blogme v3 bug:login bypass & xss post risk:high admin login bypass : user : ' or '1' = '1 passwd: 1'='1' ro ' xss post : in: /comments.asp?blog=85 vulnerables fields: - Name - URL - Comments laurent gaffié & benjamin mossé http://s-a-p.ca/ contact:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/11/13 12:0 a.m.16 views

wheatblogXSS.txt

vendor site: http://wheatblog.sourceforge.net/ product : Wheatblog bug: multiple xss post & full path disclosure risk : medium xss post : /addcomment.php vulnerable fieds : - Name - WWW - Comment impact: an attacker can steal the cookie from every persons who is watching at the comments. full pat...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/06/10 12:0 a.m.42 views

Multiple Vulnerabilities in Invision Power Board v1.3.1 Final.

Description: Multiple Vulnerabilities in Invision Power Board v1.3.1 Final. Compromise: SQL Injection, Cross site Scripting. Vulnerable Systems: Invision Power Board v1.3.1 Final. Details: An Input Validation Error exists in ssi.php. $sqlfields is vulnerable to An Input Validation Error. How to...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2004/03/05 12:0 a.m.18 views

invision13.txt

Software: Invision Power Board Vendor: http://www.invisionboard.com/ Versions: U v1.3 Final Bug: Cross Site Scripting Vulnerabillity Risk: Medium Exploitation: Remote with browser Date: 29 Feb 2004 Author: Rafel Ivgi, The-Insider E-Mail: [email protected] Web: http://theinsider.deep-ice.com 1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2004/01/26 12:0 a.m.36 views

inrtra.txt

Software: Inrtra Forum Perl CGI Vendor: http://www.diburim.co.il/ Versions: Single version was created Bug: Cross Site Scripting Vulnerabillity Risk: Low Exploitation: Remote with browser Date: 24 Jan 2004 Author: Rafel Ivgi, The-Insider E-Mail: [email protected] Web:...

7.4AI score
Exploits0
Rows per page
Query Builder