Lucene search
K

30 matches found

Hacker One
Hacker One
added 2016/08/30 7:14 p.m.14 views

Nextcloud: Reflected Self-XSS Vulnerability in the Comment section of Files (Different-payloads)

Note::steps mentioned in report164027 In the Comments Box,the payload to execute XSS is passed. Test Payloads: alert1 Also the above payload is still working.. Also try this payload " fooalert1 Click edit comment after posted. XSS Triggers...

3AI score
Exploits0
CNVD
CNVD
added 2015/07/02 12:0 a.m.1 views

Beaker HTML Injection Vulnerability

Beaker is a suite of open source software used to manage and automate test computers in laboratories. Beaker in the processing of "edit comment" in the data lack of correct HTML escaping , allowing remote attackers to exploit the vulnerability to inject malicious script or HTML code , when...

5.4CVSS6.8AI score0.00929EPSS
Exploits0References1
exploitpack
exploitpack
added 2013/03/02 12:0 a.m.15 views

Plogger - Multiple Input Validation Vulnerabilities

Plogger - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/58271/info Plogger is prone to following input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data: 1. An SQL-injection vulnerability 2. Multiple cross-site scripting...

0.3AI score
Exploits0
Prion
Prion
added 2010/05/26 6:30 p.m.11 views

Design/Logic Flaw

TalkBack 2.3.14 does not properly restrict access to the edit comment feature comments.php, which allows remote attackers to modify comments...

6.4CVSS7.2AI score0.02605EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2010/05/26 6:0 p.m.55 views

CVE-2009-4874

CVE-2009-4874 affects TalkBack 2.3.14 where the edit comment feature (comments.php) does not correctly enforce access control, allowing remote modification of comments. The root cause is insufficient access restrictions on the edit-comment functionality. Documents do not provide a confirmed patch...

6.4CVSS6.9AI score0.02605EPSS
Exploits1References6Affected Software1
0day.today
0day.today
added 2009/07/09 12:0 a.m.30 views

TalkBack 2.3.14 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =============================================== TalkBack 2.3.14 Multiple Remote Vulnerabilities =============================================== Download:http://scripts.oldguy.us/talkback/downloads2/talkback2.3.14.zip Script : talkback V...

7.1AI score
Exploits0
OSV
OSV
added 2008/08/27 3:21 p.m.3 views

DEBIAN-CVE-2008-3747

The 1 geteditpostlink and 2 geteditcommentlink functions in wp-includes/link-template.php in WordPress before 2.6.1 do not force SSL communication in the intended situations, which might allow remote attackers to gain administrative access by sniffing the network for a cookie...

7.5CVSS6.8AI score0.0255EPSS
Exploits0References1
securityvulns
securityvulns
added 2006/02/04 12:0 a.m.33 views

[SA18711] MediaWiki Edit Comment Formatting Denial of Service

TITLE: MediaWiki Edit Comment Formatting Denial of Service SECUNIA ADVISORY ID: SA18711 VERIFY ADVISORY: http://secunia.com/advisories/18711/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: MediaWiki 1.x http://secunia.com/product/2546/ DESCRIPTION: A vulnerability has been...

0.1AI score
Exploits0
OSV
OSV
added 2006/01/19 9:3 p.m.2 views

DEBIAN-CVE-2006-0322

Unspecified vulnerability the edit comment formatting functionality in MediaWiki 1.5.x before 1.5.6 and 1.4.x before 1.4.14 allows attackers to cause a denial of service infinite loop via "certain malformed links."...

5CVSS6.7AI score0.01565EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2006/01/19 9:0 p.m.31 views

CVE-2006-0322

Unspecified vulnerability the edit comment formatting functionality in MediaWiki 1.5.x before 1.5.6 and 1.4.x before 1.4.14 allows attackers to cause a denial of service infinite loop via "certain malformed links."...

5CVSS6.1AI score0.01565EPSS
Exploits0
Rows per page
Query Builder