5 matches found
Stored XSS on drawio
Sumary Draw io has a feature to put links on a text, due to a bad sanitization it allows to put javascript:// scheme on a anchor tag which allows to execute javascript code Steps to reproduce 1. Create a text box and set word size to 50 2. Click with the rigth button and "Edit link" 3. Put...
Invision Power Board 1.x?2.x3.x - Admin Takeover
Invision Power Board 1.x?2.x3.x - Admin Takeover IPB Invision Power Board all versions 1.x? / 2.x / 3.x Admin account Takeover leading to code execution Written on : 2013/05/02 Released on : 2013/05/13 Author: John JEAN @johnjean on twitter Affected application: Invision Power Board = 3.4.4 Type ...
Invision Power Board 1.x / 2.x / 3.x Admin Account Takeover
Invision Power Board IPD versions 1.x, 2.x, and 3.x suffer from an administrative account takeover vulnerability that allows for code execution. IPB Invision Power Board all versions 1.x? / 2.x / 3.x Admin account Takeover leading to code execution Written on : 2013/05/02 Released on : 2013/05/13...
Invision Power Board 1.x?/2.x/3.x - Admin Takeover
IPB Invision Power Board all versions 1.x? / 2.x / 3.x Admin account Takeover leading to code execution Written on : 2013/05/02 Released on : 2013/05/13 Author: John JEAN @johnjean on twitter Affected application: Invision Power Board = 3.4.4 Type of vulnerability: Logical Vulnerability / Bad...
Invision Power Board 1.x / 2.x / 3.x Admin Account Takeover
IPB Invision Power Board all versions 1.x? / 2.x / 3.x Admin account Takeover leading to code execution Written on : 2013/05/02 Released on : 2013/05/13 Author: John JEAN @johnjean on twitter Affected application: Invision Power Board = 3.4.4 Type of vulnerability: Logical Vulnerability / Bad...