Lucene search
K

40 matches found

Gitee
Gitee
added 2025/09/14 1:50 p.m.109 views

Exploit for CVE-2012-0053

This repository is an offensive tool for web application exploitation, specifically for cross-site scripting XSS attacks. It contains a collection of payloads and scripts that can be used to exploit vulnerabilities in web applications. The payloads are designed to be injected into a vulnerable we...

4.3CVSS6.1AI score0.82756EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.207 views

MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection", 'Description' = %q This module exploits a universal cross-site...

4.3CVSS7AI score0.71698EPSS
Exploits5
The Hacker News
The Hacker News
added 2024/08/29 3:59 p.m.52 views

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack

Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would...

9.6CVSS9.5AI score0.29179EPSS
Exploits6
0day.today
0day.today
added 2023/05/09 12:0 a.m.460 views

FICO Origination Manager Decision Module 4.8.1 XSS / Session Hijacking Vulnerabilities

Multiple persistent cross site scripting vulnerabilities in FICO Origination Manager Decision Module version 4.8.1 allow an attacker to execute code in the context of the victim's browser using a crafted payload. Additionally, an attacker with initial access to the application, can get the...

7.5CVSS6.9AI score0.00956EPSS
Exploits2
Hacker One
Hacker One
added 2021/12/14 8:51 a.m.16 views

Judge.me : stored XSS on AliExpress Review Importer/Products when delete product

Hi @judgeme! code Step to reproduce: 1. Go to Shopify admin and create product with name "" img src=x onerror=prompt 2. Go to AliExpress Review Importer/Products and delete our product with name " img src=x onerror=promptdocument.domain F1544890 3. Xss work= P.S. Poc wideo attach F1544893 Impact...

1.1AI score
Exploits0
Hacker One
Hacker One
added 2021/12/04 9:47 a.m.10 views

Judge.me : Stored XSS in Question edit from product name

Hi @judgeme! Step to reproduce: 1. Log in to your shopify account and create product with name "img src=x onerror=prompt 2. Go to our store and write question to our product with name "img src=x onerror=prompt 3. Then go to Shopify admin/Judge.me Product Reviews/Questions and edit question. XSS...

0.8AI score
Exploits0
HackRead
HackRead
added 2021/10/22 6:17 p.m.22 views

Google details cookie stealer malware campaign targeting YouTubers

By Waqas Google attributed the malware campaign to a group of attackers recruited via a Russian-language hacker forum. This is a post from HackRead.com Read the original post: Google details cookie stealer malware campaign targeting YouTubers...

3.2AI score
Exploits0
ThreatPost
ThreatPost
added 2021/03/19 2:52 p.m.33 views

CopperStealer Malware Targets Facebook and Instagram Business Accounts

A malware that until now has gone undocumented has been quietly hijacking online accounts of advertisers and users of Facebook, Apple, Amazon, Google and other web giants since July 2019 and then using them for nefarious activity, researchers have found. Dubbed CopperStealer, the malware acts...

7AI score
Exploits0References7
Kitploit
Kitploit
added 2017/03/15 2:30 p.m.24 views

BrainDamage - A fully featured backdoor that uses Telegram as a C&C server

A python based backdoor which uses Telegram as C&C server. /\ /.\ ,.-'/ ",'-., -^ /-^: | \ | \ | | | | | | | | Coded by: Mehul [email protected] -- Github: https://github.com/mehulj94 -- Twitter: https://twitter.com/wayfarermj -- For windows only | | | | | | | | | / / | | | | | '/ / |...

7.8AI score
Exploits0References2
n0where
n0where
added 2017/03/02 8:24 p.m.27 views

Fully Featured Backdoor – Telegram C&C: BrainDamage

A python based backdoor which uses Telegram as C&C server. Features Persistance USB spreading Port Scanner Router Finder Run shell commands Keylogger Insert keystrokes Record audio Webserver Screenshot logging Download files in the host Execute shutdown, restart, logoff, lock Send drive tree...

0.1AI score
Exploits0References2
Kitploit
Kitploit
added 2016/11/04 2:30 p.m.32 views

Radium-Keylogger - Python keylogger with multiple features

Python keylogger with multiple features. Features Applications and keystrokes logging Screenshot logging Drive tree structure Logs sending by email Password Recovery for Chrome Mozilla Filezilla Core FTP CyberDuck FTPNavigator WinSCP Outlook Putty Skype Generic Network Cookie stealer Keylogger st...

7.3AI score
Exploits0References1
n0where
n0where
added 2016/09/02 4:52 p.m.20 views

Python Keylogger: Radium

Python Keylogger With Multiple Features Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording logging the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Keyloggi...

Exploits0References1
Kitploit
Kitploit
added 2015/03/12 3:10 a.m.18 views

Cookies Manager - Simple Cookie Stealer

A simple program in PHP to help with XSS vulnerability in this program are the following: + Cookie Stealer with TinyURL Generator + Can you see the cookies that brings back a page + Can create cookies with information they want + Hidden to login to enter Panel use ?poraca to find the login A vide...

6.3AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

leap cms 0.1.4 (sql/xss/su) Multiple Vulnerabilities

No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! --...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

LinkBase 2.0 - Remote Cookie Grabber Vulnerability

No description provided by source. + Download LinkBase 2.0 Cookie Grabber Exploit + Discovered By SirGod + www.mortal-team.net + www.h4cky0u.org + Greetz : All my friends + Make 2 files and upload to your host : stealer.php - Put the following code into the file : ?php $cookie = $GET'cookie'; $lo...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

Blackboard Products 6 Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19308/info Blackboard products are prone to multiple HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Simple Machines Forum <= 1.1.7 '[url]' Tag HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33595/info Simple Machines Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/11/08 12:0 a.m.24 views

Aol.com XSS | Cookie Stealer (0day)

Exploit for multiple platform in category web applications This is private exploit. You can buy it at https://0day.today...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/04/20 12:0 a.m.19 views

Freelancer.com XSS + Cookie Grabber

Stored XSS in Freelancer.com + Cookie Stealer. The package contains the how-to guide, PHP scriptcookie grabber and XSS vector in order. This is private exploit. You can buy it at https://0day.today...

6.4AI score
Exploits0
0day.today
0day.today
added 2013/02/21 12:0 a.m.31 views

e107 Persistant XSS vulnerability

Exploit for php platform in category web applications Exploit Title: E107 CMS Persistant XSS vulnerability Google Dork: "intitle:e107 powered website" | inurl:e107admin | ... Date: 18/02/2013 Exploit Author: Zyklon B Vendor Homepage: http://e107.org/ Software Link:...

7.1AI score
Exploits0
Rows per page
Query Builder