CVE-2025-45091

Seafile versions 11.0.18-Pro, 12.0.10, and 12.0.10-Pro are vulnerable to a stored Cross-Site Scripting XSS attack. An authenticated attacker can exploit this vulnerability by modifying their username to include a malicious XSS payload in notification and activities...

CVE-2019-1385

creationtimestamp| type| source ---|---|--- 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-04 16:24:36+00:00| seen| https://t.me/arpsyndicate/1249 2024-02-11 15:06:53+00:00| seen| https://t.me/ctinow/182809 2024-03-15 08:58:02+00:00| seen| https://t.me/ptsoft/2...

Microsoft Dynamics CRM 2011 Update Rollup 13

Microsoft Dynamics CRM 2011 Update Rollup 13 INTRODUCTION Update Rollup 13 for Microsoft Dynamics CRM 2011 is now available. This article describes the hotfixes and updates that are included in this update rollup. This update rollup is available for all languages that are supported by Microsoft...

GitLab: Guests Will Disclose the Private Project Full Activity Via Project Activity Feeds

Hello! Here guests will disclose the complete activity of the project via feeds Reproduction Steps: Create Private Project. Invite Attacker as Guest. Next attacker will go to https://gitlab.com/victimyoursz/helloproject/activity and he access the feeds link...

WordPress Symposium 14.05.02 Cross Site Request Forgery

Plugin Name : WP Symposium A8-Cross-SiteRequestForgeryCSRF Effected Version : 14.05.02 and most probably lower version's if any Vulnerability : A8-Cross-Site Request Forgery CSRF Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Unauthenticated PoC - Proof of Concep...

WordPress WP Symposium Plugin 15.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin wp-symposium Unauthenticated SQL Injection Vulnerability Date: 2015-07-30 Exploit Author: PizzaHatHacker Vendor Homepage: http://www.wpsymposium.com/ Version: ? = version = 15.5.1 Tested on: Apache / WordPress...