Lucene search
K

12 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/03/26 6:35 a.m.3 views

0ch BBS Script (0ch) vulnerable to cross-site scripting

Overview 0ch BBS Script 0ch according to the original report submitted by the reporter provided by Zerochannel according to the original report submitted by the reporter is bulletin board software. 0ch BBS Script 0ch contains a cross-site scripting vulnerability CWE-79. During the meeting of...

6.1CVSS6.2AI score0.00313EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2021/07/05 12:0 a.m.243 views

Trojan-Spy.Win32.Xspyout.a Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d1791ca15c5df6f8f5d007518efd65b6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.Xspyout.a Vulnerability: Unauthenticated Open Proxy Description: The malware listen...

0.2AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/04/22 7:33 a.m.3 views

yappa-ng vulnerable to cross-site scripting

Overview yappa-ng provided by yet another PHP photo album next generation according to the original report submitted by the reporter is a PHP photo gallery. yappa-ng contains a cross-site scripting vulnerability CWE-79 which allows unintentional script execution on the user's web browser. During...

6.1CVSS6.3AI score0.03722EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2021/04/08 12:0 a.m.439 views

Trojan.Win32.Hosts2.yqf Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/274a6e846c5a4a2b3281198556e5568b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Hosts2.yqf Vulnerability: Insecure Permissions Description: Hosts2.yqf creates an...

7.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/03/25 8:52 a.m.2 views

Click Ranker vulnerable to cross-site scripting

Overview Click Ranker contains a stored cross-site scripting vulnerability CWE-79 which allows unintentional script execution on the web browser of user who accesses a page ranking screen. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on January...

6.1CVSS6.1AI score0.00756EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/03/25 8:46 a.m.3 views

Kagemai vulnerable to cross-site scripting

Overview Kagemai provided by daifukuya.com is a bug tracking system to share bug information of the software being developed among its development team. Kagemai contains a stored cross-site scripting vulnerability CWE-79 which allows an unintended script execution on the web browser of the user w...

6.1CVSS5.9AI score0.00756EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2020/05/21 12:0 a.m.393 views

Composr CMS 10.0.30 - Persistent Cross-Site Scripting

Title: Composr CMS 10.0.30 - Persistent Cross-Site Scripting Author: Manuel Garcia Cardenas Date: 2020-02-06 Vendor: https://compo.sr/ CVE: N/A ============================================= MGC ALERT 2020-001 - Original release date: February 06, 2020 - Last revised: May 21, 2020 - Discovered by:...

5.4CVSS5.8AI score0.00652EPSS
Exploits4
Packet Storm
Packet Storm
added 2016/09/24 12:0 a.m.43 views

Metasploit Web UI Static secret_key_base Value

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule NullSerializer @serializer = options:serializer || Marshal end def encryptandsignvalue...

0.1AI score
Exploits0
0day.today
0day.today
added 2013/08/03 12:0 a.m.73 views

INSTEON Hub 2242-222 - Lack of Web and API Authentication

Exploit for hardware platform in category web applications The INSTEON Hub allows users to control their home automation devices from their home, and across the Internet. To allow control of the devices from the Internet requires that a user create a port forward from the Internet to the Hub on...

8AI score0.06973EPSS
Exploits6
Packet Storm
Packet Storm
added 2009/12/31 12:0 a.m.27 views

WingFTP 3.2.4 Cross Site Request Forgery

Application: WingFTP Server 3.2.4 maybe earlier versions too Link: http://www.wftpserver.com/ Vulnerability: CSRF Author: Ams Contact: mail: ax330d at gmail dot com site: http://www.0x416d73.name/ 1. About software "Wing FTP server is not only a FTP server. It's a multi-protocol file serverFTP,...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2009/07/28 12:0 a.m.26 views

IXXO Cart SQL Injection

Original advisory at: http://www.davidsopas.com/2009/07/25/ixxo-cart-standalone-and-joomla-component-sql-injection/ Ref. DSF-03-2009 – IXXO Cart! Standalone and Joomla Component SQL Injection Vendor: IXXO Internet Solutions Status: Patched by vendor IXXO Cart! IXXO Cart is an extremely powerful p...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/29 12:0 a.m.23 views

faqmaster-multi.txt

Security Advisory - - FAQMasterFlexPlus multiple vulnerabilities - --------------------------------------------------------------- Product: FAQMasterFlexPlus Version: Latest version is affected, other not tested Vendor: http://www.netbizcity.com Affected by: Cross-Site Scripting & SQL injection...

7.4AI score
Exploits0
Rows per page
Query Builder