8170 matches found
Wordpress Ninja Forms 3.3.17 Plugin - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting Exploit Author: MTK Vendor Homepage: https://ninjaforms.com Software Link: https://wordpress.org/plugins/ninja-forms/ Version: Up to V3.3.17 Tested on: Debian 9 - Apache2...
WordPress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting
Exploit Title: Wordpress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting Date: 2018-11-15 Exploit Author: MTK Vendor Homepage: https://ninjaforms.com Software Link: https://wordpress.org/plugins/ninja-forms/ Version: Up to V3.3.17 Tested on: Debian 9 - Apache2 - Wordpress 4.9.8 - Firefox CVE :...
Ninja Forms <= 3.3.17 - Unauthenticated Cross-Site Scripting (XSS)
According to the changelog: "Patched a redirect XSS vulnerability using code injection on our submissions page."...
Open Ticket Request System (OTRS) File Deletion Vulnerability
Open Ticket Request System (OTRS) is open source defect tracking and management software. OTRS suffers from a file deletion vulnerability that an attacker can exploit to delete files by manipulating submission forms...
browser-forms (>=0.0.1 <=0.0.2), express-stormpath (>=0.1.0 <=0.5.8) +4 more potentially affected by CVE-2017-16015 via forms (>=0.1.0 <=1.1.4)
forms NPM version =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =0.3.1, =0.0.1, =0.1.1 Source cves: CVE-2017-16015 Source advisory: OSV:GHSA-VWJJ-2852-3765...
Cross-Site Scripting in forms
Affected versions of forms do not properly escape HTML in generated forms, which may result in cross-site scripting. Recommendation: Update to version 1.3.0 or later...
GHSA-VWJJ-2852-3765 Cross-Site Scripting in forms
Affected versions of forms do not properly escape HTML in generated forms, which may result in cross-site scripting. Recommendation: Update to version 1.3.0 or later...
WordPress Pie Register 3.0.17 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications. Pie Register v3.0.17 WordPress Plugin - Cross-Site Scripting Vulnerability in Forgot-Password...
Foxit Reader and Foxit PhantomPDF for Windows Security Vulnerabilities
Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Software Corporation. Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the handling of the desc attribute of an XFA object in Foxit Reader 9.2.0.9297 and...
WordPress WPML plugin cross-site scripting vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Software Foundation; it lets users set up a personal blog site on servers that support PHP and MySQL. WPML, also known as sitepress-multilingual-cms, is one of its multi-language support plug-ins. A cross-si...
CVE-2018-17859
An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms...
Design/Logic Flaw
An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms...
CVE-2018-17859
CVE-2018-17859 affects Joomla! before 3.8.13, where inadequate checks in the com_contact component allow mail submission from disabled contact forms. The vulnerability stems from insufficient form-state validation in core code, enabling an attacker to trigger mail submission even when forms are d...
CVE-2018-17859
An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms...
Foxit Reader JavaScript XFA Use After Free (CVE-2018-3850)
A use after free vulnerability exists in Foxit Reader. This vulnerability is due to improper handling of freed JavaScript XML Forms Architecture objects...
WordPress Pie Register 3.0.15 Cross Site Scripting
Pie Register v3.0.15 WordPress Plugin - Cross-Site Scripting Vulnerability in Login. Exploit Title: Pie Register v3.0.15...
Foxit PDF Reader JavaScript field object signatureGetSeedValue remote code execution vulnerability
Summary: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick...
Symfony Configuration Cheat Sheet
The Symfony framework provides web developers with a great foundation for their PHP applications. Several components can be used for many recurring tasks that are required in every application, such as handling input forms or accessing a database. In addition to functional tasks, security-relevan...
Jobs Factory SQL Injection Vulnerability in Joomla!
Joomla! is an open source content management system (CMS) developed by the Open Source Matters team in the United States. A SQL injection vulnerability exists in the Jobs Factory component of Joomla!. The vulnerability is caused by inserting SQL commands into the query string of a web form submission or...
List of changes and fixed issues in the .NET Framework 3.5 Service Pack 1
Summary: This article describes the following aspects of the Microsoft .NET Framework 3.5 Service Pack 1 (SP1): hotfixes that are included in this service pack; new features and functionalities. Note: This update also includes...