5 matches found

Huntr
added 2022/06/30 4:22 p.m., 7 views

Open Redirect

📝 Description The redirect GET variable in the login page isn't properly checked. Currently, it checks if url.scheme and url.netloc are empty using urllib. py parsed = urlparseredirecturl check if redirect url is valid if parsed.scheme != "" or parsed.netloc != "": logger.warning f"Got an invalid...

0.3 AI score
Exploits: 0
WPVulnDB
added 2015/08/13 12:00 a.m., 6 views

Hide My WP <= 4.53 - Stored-Cross Site Scripting (XSS)

An attacker can make a fake attack attempt which will be logged, and can inject JavaScript. PoC curl --referer 'you are using bad filtering for input ript alert"XSS here" ript; :; ;' http://example.com...

0.4 AI score
Exploits: 0, References: 1, Affected Software: 1
wpexploit
added 2015/07/27 12:00 a.m., 12 views

Hide My WP <= 4.51.1 - Stored Cross-Site Scripting (XSS)

An attacker can make a fake attack attempt, with a JavaScripting payload, which will be logged by the plugin, resulting in XSS. The attacker also can spoof their IP address in the logs by setting the X-FORWARDED-FOR header. curl --referer ' // :; ;' --header 'X-FORWARDED-FOR: 8.8.8.8'...

0.1 AI score
Exploits: 0, References: 1
Check Point Advisories
added 2010/07/15 12:00 a.m., 4 views

Macromedia Flash ActionDefineFunction Memory Access (CVE-2005-2628)

A remote code execution vulnerability exists in the Macromedia Flash plugin. The flaw is created by insufficient validation checks of user input values. This vulnerability may be exploited by a malicious user to inject and execute arbitrary code on the target host. In a successful attack, an...

5.1 CVSS, 7.6 AI score, 0.06756 EPSS
Exploits: 1
Check Point Advisories
added 2009/10/20 12:00 a.m., 1 view

Microsoft Windows Explorer Invalid URL File Parsing Stack Overflow (CVE-2006-3351)

The Microsoft Windows series of operating systems is one of the most popular systems in use on workstations, home computers, and servers. All versions of the OS include a graphical shell interface, called Windows Explorer. There exists a stack exhaustion vulnerability in Microsoft Windows Explore...

5.4 CVSS, 6 AI score, 0.06933 EPSS
Exploits: 1