Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2023/07/31 12:0 a.m.312 views

Copyparty 1.8.6 Cross Site Scripting

Exploit Title: copyparty v1.8.6 - Reflected Cross Site Scripting XSS Date: 23/07/2023 Exploit Author: Vartamtezidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.6 Version: =1.8.6 Tested on: Debian Lin...

7.1AI score0.06195EPSS
Exploits3
0day.today
0day.today
added 2023/07/28 12:0 a.m.232 views

copyparty v1.8.6 - Reflected Cross Site Scripting Vulnerability

Exploit Title: copyparty v1.8.6 - Reflected Cross Site Scripting XSS Exploit Author: Vartamtezidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.6 Version: =1.8.6 Tested on: Debian Linux CVE :...

6.3CVSS7.1AI score0.06195EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/07/28 12:0 a.m.314 views

copyparty v1.8.6 - Reflected Cross Site Scripting (XSS)

Exploit Title: copyparty v1.8.6 - Reflected Cross Site Scripting XSS Date: 23/07/2023 Exploit Author: Vartamtezidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.6 Version: =1.8.6 Tested on: Debian Lin...

6.3CVSS6.3AI score0.06195EPSS
Exploits3
CVE
CVE
added 2023/07/25 9:6 p.m.108 views

CVE-2023-38501

Copyparty (portable file server) is affected by CVE-2023-38501 via a reflected XSS in the web interface, exploitable through URL parameters ?k304=... and ?setck=... in versions prior to 1.8.7. The vulnerability allows an attacker to execute arbitrary JavaScript by enticing a user to click a craft...

6.3CVSS6AI score0.06195EPSS
Exploits3References3Affected Software1
OSV
OSV
added 2023/07/25 9:6 p.m.33 views

CVE-2023-38501 copyparty vulnerable to reflected cross-site scripting via k304 parameter

copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter ?k304=... and ?setck=.... The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of t...

6.3CVSS6.1AI score0.06195EPSS
Exploits3References5
Circl
Circl
added 2023/07/23 4:22 p.m.15 views

CVE-2023-38501

creationtimestamp| type| source ---|---|--- 2023-07-23 16:22:59+00:00| published-proof-of-concept| https://github.com/9001/copyparty/security/advisories/GHSA-f54q-j679-p9hh 2023-07-26 02:27:12+00:00| seen| https://t.me/cibsecurity/67279 2023-07-28 00:00:00+00:00| exploited|...

6.3CVSS6.5AI score0.06195EPSS
Exploits3References7
Rows per page
Query Builder