Lucene search
K

25 matches found

Packet Storm
Packet Storm
added 2020/12/17 12:0 a.m.212 views

Seotoaster 3.2.0 Cross Site Scripting

Exploit Title: Seotoaster 3.2.0 - Stored XSS on Edit page properties Exploit Author: Hardik Solanki Vendor Homepage: https://www.seotoaster.com/ Software Link: https://crm-marketing-automation-platforms.seotoaster.com/ Version: 3.2.0 Tested on Windows 10 XSS ATTACK: Cross-site Scripting XSS is a...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2020/06/19 10:15 p.m.23 views

CVE-2020-13262

Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link...

6.1CVSS6.4AI score0.00871EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2020/05/27 12:0 a.m.40 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: User Email Verification Bypass OAuth Flow Missing Email Verification Checks Notification Email Verification Bypass Undisclosed Vulnerability on a Third-Party Rendering Engine Group Sign-Up Restriction Bypass Mirror Project Owner Impersonation Missing Permission Check on Fork...

2AI score
Exploits0References1
NVD
NVD
added 2019/11/22 6:15 p.m.12 views

CVE-2019-15652

The web interface for NSSLGlobal SatLink VSAT Modem Unit VMU devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code...

6.1CVSS6.4AI score0.00897EPSS
Exploits1References2
CVE
CVE
added 2019/10/30 6:33 p.m.43 views

CVE-2019-18207

Summary: CVE-2019-18207 affects Zucchetti InfoBusiness ≤ 4.4.1. An authenticated user can inject client-side code due to improper validation of the Title field in the InfoBusiness Web Component. The payload is triggered whenever users browse the reports page. Affected software: Zucchetti InfoBusi...

5.4CVSS5.5AI score0.00516EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder