34 matches found
CVE-2021-4046
The mtxtNom y mtxtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data...
Meredith: Shop - Reflected XSS With Clickjacking Leads to Steal User's Cookie In Two Domain
Hii Security Team , I am S Rahul MCEHMetaxone Certified Ethical Hacker and a Security Researcher I just checked your website and found Reflected XSS to Good XSS Clickjacking In Two Domain Description:- As the search parameter is vulnerable to XSS and but the plus point is there is no...
Cross site scripting
A reflected XSS vulnerability exists in the web console of the Document Viewer Agent in Novell GroupWise before 2014 R2 Support Pack 1 Hot Patch 2 that may enable a remote attacker to execute JavaScript in the context of a valid user's browser session by getting the user to click on a specially...
CVE-2016-9169
The vulnerability CVE-2016-9169 affects the web console of the Document Viewer Agent in Novell GroupWise (older than 2014 R2 Support Pack 1 Hot Patch 2). It is a reflected XSS where a remote attacker can entice a user to click a crafted link, enabling JavaScript execution in the user’s browser se...
Microsoft Edge Adds App Guard Browser Security
Microsoft is bringing virtualization to its Edge browser with a security tool called Windows Defender Application Guard. The technology, announced this week at Microsoft’s 2016 Ignite conference in Atlanta, takes a virtualization-based approach to isolating browser-based attacks from the internet...
Beehive Forum 0.7.1 Links.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24413/info Beehive Forum is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary...
Hacking Facebook users just from chat box using multiple vulnerabilities
Nir Goldshlager, Founder/CEO at Break Security known for finding serious flaws in Facebook once again on The Hacker News for sharing his new finding i.e Stored Cross-site Scripting XSS in Facebook Chat, Check In and Facebook Messenger. Stored Cross-site Scripting XSS is the most dangerous type of...
PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities
PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/55280/info PrestaShop is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities
MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/38385/info MySmartBB is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...
WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/31525/info WikyBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
AppServ Open Project 2.5.10 - appservlang Cross-Site Scripting
AppServ Open Project 2.5.10 - appservlang Cross-Site Scripting source: https://www.securityfocus.com/bid/29291/info AppServ Open Project is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
Indexu 5.05.3 - power_search.php Multiple Cross-Site Scripting Vulnerabilities
Indexu 5.05.3 - powersearch.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities
SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17770/info SunShop Shopping Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...
FishCart 3.1 - upstnt.php?cartid SQL Injection
FishCart 3.1 - upstnt.php?cartid SQL Injection source: https://www.securityfocus.com/bid/13499/info FishCart is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit of the SQL-injectio...