10 matches found
CVE-2026-8901
The Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Form Submission Data in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This make...
PT-2025-52297
Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A stored cross-site scripting issue exists in Kentico Xperience. Attackers can inject malicious scripts through error messages that contain specially crafted object names. This allo...
EUVD-2019-19197
Malware in sbrugna...
CVE-2019-9838
VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...
User with only "edit" can delete post and somethimes can add post
Description If you create a user with edit-only user rights, they should not be able to perform delete or add actions. This is really an admin error, because users with edit permissions can delete posts, and in the case of FAQs, they can also add posts. Proof of Concept 1.Create new user with edi...
Setting a high feeRate can block exercise or cause negative flow of funds
Lines of code Vulnerability details Impact When an admin intentionally or unintentionally sets a feeRate greater than 1e18 100%, The exercise function can fail with arithmetic operation underflow at line 289 In the case, when beneficiary is connected to multiple vaults, the exercise function will...
hansme.com XSS vulnerability
Vulnerable URL: http://www.hansme.com/Admin/Error.aspx?Tip= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3279425 Google Pagerank| 3 VIP website status:| No Check hansme.com SSL...
Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Exploit Title: Humhub test Will insert the corresponding HTML elements into the post/comment body. 2. Humhub-modules-mail 7 persistent XSS vulnerability Humhub-modules-mail versions 0.5.9 and prior when used in conjunction with Humhub 0.10.0-rc.1 or prior is affected by the same vulnerability as...
Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities
Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities Exploit Title: Joomla Component comrestaurantguide Multiple Vulnerabilities Date: 18.09.2010 Author: Valentin Category: webapps/0day Version: 1.0.0 Tested on: Debian lenny, Apache2, MySQL 5, Joomla 1.5.x CVE : Code :...
Site News v 1.1 admin head error
+| Advisory 16. Site News v 1.1 admin head error Software: Site News v 1.1 Problem-Type: local Platforms: All Vulnerability: admin error Date: 29'Aug 2004 discovered by XSPYD3X -xspyd3xatinboxdotru- HTTP: www.lwb57.org IRC: irc.lwb57.org:6667 lwb +:| Exploit |: Messages are added by the usual use...