214 matches found
CVE-2020-21333
Cross Site Scripting XSS vulnerability in PublicCMS 4.0 to get an admin cookie when the Administrator reviews submit case...
CVE-2020-21333
Cross Site Scripting XSS vulnerability in PublicCMS 4.0 to get an admin cookie when the Administrator reviews submit case...
Cross site scripting
Cross Site Scripting XSS vulnerability in PublicCMS 4.0 to get an admin cookie when the Administrator reviews submit case...
CVE-2020-21333
Cross Site Scripting XSS vulnerability in PublicCMS 4.0 to get an admin cookie when the Administrator reviews submit case...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
āļø Description There is a Stored XSS in the online invoicing system view price history which is lead by adding invoice items. š„ TESTED VERSION https://github.com/bigprof-software/online-invoicing-system/releases/tag/v5.0 šµļøāāļø Proof of Concept POC Video:...
Click2Magic 1.1.5 Cross Site Scripting
Exploit Title: Click2Magic 1.1.5 - Stored Cross-Site Scripting Exploit Author: Shivam Vermacyb3rn3rd Date: 2020-12-25 Google Dork: N/A Vendor Homepage: https://www.click2magic.com/user/agent/index Software Link: https://www.click2magic.com Version: 1.1.5 Category: Web Application Tested on: Kali...
Exploit for CVE-2018-9995
This is a Python script, getDVRCredentials.py, that exploits a vulnerability in DVR systems to obtain exposed credentials. The script is designed to target various DVR systems, including Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login. The script...
CVE-2020-24609
TechKshetra Info Solutions Pvt. Ltd Savsoft Quiz 5.5 and earlier has XSS which can result in an attacker injecting the XSS payload in the User Registration section and each time the admin visits the manage user section from the admin panel, the XSS triggers and the attacker can steal the cookie v...
CVE-2020-8234
A vulnerability exists in The EdgeMax EdgeSwitch firmware v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection...
XSS Vulnerability in FTDMS
FTDMS is a management system for information or resources developed using template engine caching technology. FTDMS suffers from an XSS vulnerability that can be exploited by an attacker to obtain an administrator cookie...
XSS Vulnerability in Extreme CMS
Extreme CMS is open source and free PHPCMS web content management system. Extreme CMS has an XSS vulnerability that can be exploited by attackers to obtain an administrator cookie...
CVE-2019-10263
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account...
CVE-2019-10263
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account...
Design/Logic Flaw
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account...
CVE-2019-10263
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account...
CVE-2019-10263
CVE-2019-10263 affects Ahsay Cloud Backup Suite prior to 8.1.1.50. The initial description documents an XSS vulnerability in the Alias field during trial account creation that could lead to an admin cookie theft and account takeover. Multiple connected sources corroborate the Ahsay exposure and s...
Design/Logic Flaw
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted...
CVE-2018-10947
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted...
CVE-2018-10947
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted...
CVE-2018-10947
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted...