5 matches found
Open Redirect
📝 Description The redirect get variable in login page isn't properly checked. Currently, it check if url.scheme and url.netloc are empty using urllib. py parsed = urlparseredirecturl check if redirect url is valid if parsed.scheme != "" or parsed.netloc != "": logger.warning f"Got an invalid...
Hide My WP <= 4.53 - Stored-Cross Site Scripting (XSS)
An attacker can make a fake attack attempt which will be logged, and can inject JavaScript. PoC curl --referer 'you are using bad filtering for input ript alert"XSS here" ript; :; ;' http://example.com...
Hide My WP <= 4.51.1 - Stored Cross-Site Scripting (XSS)
An attacker can make a fake attack attempt, with a JavaScripting payload, which will be logged by the plugin, resulting in XSS. The attacker also can spoof their IP address in the logs by setting the X-FORWARDED-FOR header. curl --referer ' // :; ;' --header 'X-FORWARDED-FOR: 8.8.8.8'...
Macromedia Flash ActionDefineFunction Memory Access (CVE-2005-2628)
A remote code execution vulnerability exists in the Macromedia Flash plugin. The flaw is created by insufficient validation checks of user input values. This vulnerability may be exploited by a malicious user to inject and execute arbitrary code on the target host. In a successful attack, an...
Microsoft Windows Explorer Invalid URL File Parsing Stack Overflow (CVE-2006-3351)
The Microsoft Windows series of operating systems is one of the most popular systems in use on workstations, home computers, and servers. All versions of the OS include a graphical shell interface, called Windows Explorer. There exists a stack exhaustion vulnerability in Microsoft Windows Explore...