5 matches found
CVE-2021-30637
creationtimestamp| type| source ---|---|--- 2024-11-14 06:08:54+00:00| seen| MISP/453892aa-3b77-4a2b-b7b4-5f905765d7a8...
htmly 2.8.0 Cross Site Scripting
Exploit Title: htmly 2.8.0 allows stored XSS Authors: @nu11secur1ty & G.Dzhankushev Date: 04.15.2021 Vendor: htmly Link: https://github.com/danpros/htmly CVE: CVE-2021-30637 + Exploit Source: https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26929 Exploit Program Code !/usr/bin/python3...
htmly 2.8.0 Cross Site Scripting Exploit
Exploit Title: htmly 2.8.0 allows stored XSS Authors: @nu11secur1ty & G.Dzhankushev Date: 04.15.2021 Vendor: htmly Link: https://github.com/danpros/htmly CVE: CVE-2021-30637 Software Link: https://github.com/danpros/htmly Video: https://www.youtube.com/watch?v=xKRQZYqVlS4 Steps to Reproduce:...
htmly 2.8.0 - 'description' Stored Cross-Site Scripting (XSS)
Exploit Title: htmly 2.8.0 - 'description' Stored Cross-Site Scripting XSS Authors: @nu11secur1ty & G.Dzhankushev Date: 04.15.2021 Vendor Homepage: https://www.htmly.com/ Software Link: https://github.com/danpros/htmly CVE: CVE-2021-30637 !/usr/bin/python3 from selenium import webdriver from...
CVE-2021-30637
CVE-2021-30637 affects htmly 2.8.0, allowing stored XSS via the blog title, Tagline, or Description submitted to config.html.php. The root cause is unescaped user input stored and later reflected, enabling script execution in affected pages. Public writeups and exploits exist (e.g., PacketStorm/E...