Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded yesterday3 views

CVE-2019-25739

GigToDo 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript and HTML code through the proposal description field. Attackers can craft XSS payloads in the createproposal endpoint that execute when administrators or other...

6.4CVSS
Exploits0References4
CVE
CVEadded yesterday6 views

CVE-2019-25739

GigToDo 1.3 is affected by a persistent cross-site scripting vulnerability accessible through the create_proposal endpoint, enabling authenticated attackers to inject JavaScript/HTML in the proposal description. When stored proposals are viewed by admins or other users, the payload can execute, p...

6.4CVSS5.7AI score
Exploits0References4
ATTACKERKB
ATTACKERKBadded yesterday3 views

CVE-2019-25739

GigToDo 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript and HTML code through the proposal description field. Attackers can craft XSS payloads in the createproposal endpoint that execute when administrators or other...

6.4CVSS5.7AI score
Exploits0References4
Vulnrichment
Vulnrichmentadded yesterday4 views

CVE-2019-25739 GigToDo Freelance Marketplace Script 1.3 Persistent XSS

GigToDo 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript and HTML code through the proposal description field. Attackers can craft XSS payloads in the createproposal endpoint that execute when administrators or other...

6.4CVSS5.7AI score
Exploits0References4
Packet Storm
Packet Stormadded 2019/07/29 12:0 a.m.183 views

GigToDo 1.3 Cross Site Scripting

Exploit Title: GigToDo - Freelance Marketplace Script v1.3 Persistent XSS Injection Google Dork: - Date: 2019/07/28 Author: m0ze Vendor Homepage: https://www.gigtodoscript.com Software Link: https://codecanyon.net/item/gigtodo-freelance-marketplace-script/23855397 Version: = 1.3 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2019/07/29 12:0 a.m.302 views

GigToDo 1.3 - Cross-Site Scripting

Exploit Title: GigToDo - Freelance Marketplace Script v1.3 Persistent XSS Injection Google Dork: - Date: 2019/07/28 Author: m0ze Vendor Homepage: https://www.gigtodoscript.com Software Link: https://codecanyon.net/item/gigtodo-freelance-marketplace-script/23855397 Version: = 1.3 Tested on:...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2019/07/29 12:0 a.m.26 views

GigToDo 1.3 - Cross-Site Scripting

GigToDo 1.3 - Cross-Site Scripting Exploit Title: GigToDo - Freelance Marketplace Script v1.3 Persistent XSS Injection Google Dork: - Date: 2019/07/28 Author: m0ze Vendor Homepage: https://www.gigtodoscript.com Software Link: https://codecanyon.net/item/gigtodo-freelance-marketplace-script/238553...

6.8AI score
Exploits0
Rows per page
Query Builder