175 matches found
web2py Cross-Site Request Forgery Vulnerability
web2py is a set of open source Web framework written in Python , it supports the rapid development of database-driven Web-based applications . A cross-site request forgery vulnerability exists in web2py version 2.14.5. An attacker can exploit this vulnerability to trick a user into enabling or...
Web2py 2.14.5 - Multiple Vulnerabilities
Exploit for php platform in category web applications Title - Web2py 2.14.5 Multiple Vulnerabilities LFI,XSS,CSRF Exploit Title : Web2py 2.14.5 Multiple Vulnerabilities LFI, XSS,CSRF Reported Date : 2-April-2016 Fixed Date : 4-April-2016 Exploit Author : Narendra Bhati -...
Web2py 2.14.5 CSRF / XSS / Local File Inclusion
Title - Web2py 2.14.5 Multiple Vulnerabilities LFI,XSS,CSRF Exploit Title : Web2py 2.14.5 Multiple Vulnerabilities LFI, XSS,CSRF Reported Date : 2-April-2016 Fixed Date : 4-April-2016 Exploit Author : Narendra Bhati - https://www.exploit-db.com/author/?a=7638 CVE ID : LFI - CVE-2016-4806 ,...
Web2py 2.14.5 - Multiple Vulnerabilities
Web2py 2.14.5 - Multiple Vulnerabilities Title - Web2py 2.14.5 Multiple Vulnerabilities LFI,XSS,CSRF Exploit Title : Web2py 2.14.5 Multiple Vulnerabilities LFI, XSS,CSRF Reported Date : 2-April-2016 Fixed Date : 4-April-2016 Exploit Author : Narendra Bhati -...
Web2py 2.14.5 - Multiple Vulnerabilities
Title - Web2py 2.14.5 Multiple Vulnerabilities LFI,XSS,CSRF Exploit Title : Web2py 2.14.5 Multiple Vulnerabilities LFI, XSS,CSRF Reported Date : 2-April-2016 Fixed Date : 4-April-2016 Exploit Author : Narendra Bhati - https://www.exploit-db.com/author/?a=7638 CVE ID : LFI - CVE-2016-4806 ,...
Kvasir - Penetration Testing Data Management Tool
Penetration Testing Data Management can be a nightmware, because well you generate a LOT of data and some information when conducing a penetration test, especially using tools – they return lots of actual and potential vulnerabilitites to review. Port scanners can return thousands of ports for ju...
[Kvasir] Tools for effective data management during a Penetration Test
Welcome to Kvasir! Herein these directories lay the groundwork tools for effective data management during a Penetration Test. Penetration tests can be data management nightmares because of the large amounts of information that is generally obtained. Vulnerability scanners return lots of actual an...
CVE-2013-2311
Cross-site scripting XSS vulnerability in static/js/share.js aka the social bookmarking widget in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-2311
Cross-site scripting XSS vulnerability in static/js/share.js aka the social bookmarking widget in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in static/js/share.js aka the social bookmarking widget in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-2311
Cross-site scripting XSS vulnerability in static/js/share.js aka the social bookmarking widget in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-2311
CVE-2013-2311 corresponds to a cross-site scripting (XSS) vulnerability in the web2py framework’s social bookmarking widget (static/js/share.js) shipped with Web2py prior to version 2.3.1. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, potentiall...
Cross-site scripting vulnerability in the web2py social bookmarking widget
Overview The social bookmarking widget share.js in web2py contains a cross-site scripting vulnerability. web2py is a framework for creating and designing web applications. The social bookmarking widget in web2py contains a cross-site scripting vulnerability. Yuji Kosuga of Everforth Co., Ltd...
JVN#10461119: Cross-site scripting vulnerability in the web2py social bookmarking widget
web2py is a framework for creating and designing web applications. The social bookmarking widget in web2py contains a cross-site scripting vulnerability. Impact A user who accesses a site created by web2py which uses share.js may have an arbitrary script executed on its web browser. Solution Upda...
[BMSA-2009-08] Multiple Vulnerabilities in PyForum
BLUE MOON SECURITY ADVISORY 2009-08 =================================== :Title: Multiple Vulnerabilities in PyForum :Severity: Critical :Reporter: Hoang Quoc Thinh and Blue Moon Consulting :Products: PyForum v1.0.3 :Fixed in: -- Description ----------- PyForum is a 100 python-based message board...