Lucene search
K

10 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/06 1:26 a.m.11 views

CVE-2026-8901

The Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Form Submission Data in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This make...

7.2CVSS5.7AI score0.00314EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.7 views

PT-2025-52297

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A stored cross-site scripting issue exists in Kentico Xperience. Attackers can inject malicious scripts through error messages that contain specially crafted object names. This allo...

5.1CVSS6.2AI score0.00179EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-19197

Malware in sbrugna...

6.1CVSS6.3AI score0.01058EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2025/05/22 8:58 a.m.11 views

CVE-2019-9838

VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...

6.1CVSS5.7AI score0.01058EPSS
Exploits2References1
Huntr
Huntr
added 2023/02/15 12:10 a.m.20 views

User with only "edit" can delete post and somethimes can add post

Description If you create a user with edit-only user rights, they should not be able to perform delete or add actions. This is really an admin error, because users with edit permissions can delete posts, and in the case of FAQs, they can also add posts. Proof of Concept 1.Create new user with edi...

4CVSS5AI score0.00699EPSS
Exploits1
Code423n4
Code423n4
added 2022/05/14 12:0 a.m.11 views

Setting a high feeRate can block exercise or cause negative flow of funds

Lines of code Vulnerability details Impact When an admin intentionally or unintentionally sets a feeRate greater than 1e18 100%, The exercise function can fail with arithmetic operation underflow at line 289 In the case, when beneficiary is connected to multiple vaults, the exercise function will...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/03/23 9:40 p.m.8 views

hansme.com XSS vulnerability

Vulnerable URL: http://www.hansme.com/Admin/Error.aspx?Tip= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3279425 Google Pagerank| 3 VIP website status:| No Check hansme.com SSL...

6.3AI score
Exploits0
Exploit DB
Exploit DB
added 2014/12/10 12:0 a.m.21 views

Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities

Exploit Title: Humhub test Will insert the corresponding HTML elements into the post/comment body. 2. Humhub-modules-mail 7 persistent XSS vulnerability Humhub-modules-mail versions 0.5.9 and prior when used in conjunction with Humhub 0.10.0-rc.1 or prior is affected by the same vulnerability as...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/09/18 12:0 a.m.10 views

Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities

Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities Exploit Title: Joomla Component comrestaurantguide Multiple Vulnerabilities Date: 18.09.2010 Author: Valentin Category: webapps/0day Version: 1.0.0 Tested on: Debian lenny, Apache2, MySQL 5, Joomla 1.5.x CVE : Code :...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2004/08/31 12:0 a.m.23 views

Site News v 1.1 admin head error

+| Advisory 16. Site News v 1.1 admin head error Software: Site News v 1.1 Problem-Type: local Platforms: All Vulnerability: admin error Date: 29'Aug 2004 discovered by XSPYD3X -xspyd3xatinboxdotru- HTTP: www.lwb57.org IRC: irc.lwb57.org:6667 lwb +:| Exploit |: Messages are added by the usual use...

6.9AI score
Exploits0
Rows per page
Query Builder