Rocket.Chat: XSS (stored) Wizard is saving executable code

issue: xssstored Stored XSS occurs when a web application gathers input from a user which might be malicious, and then stores that input in a data store for later use. The stored input is not correctly filtered. As a consequence, the malicious data will appear to be part of the web site and run...

Sophos Cyberoam - Cross-site scripting

Sophos Cyberoam - Cross-site scripting Exploit Title: Sophos Cyberoam – Cross-site scripting XSS vulnerability Date: 25/05/2017 Exploit Author: Bhadresh Patel Version: = Firmware Version 10.6.4 CVE : CVE-2016-9834 This is an article with video tutorial for Sophos Cyberoam – Cross-site scripting X...

Microsoft Internet Explorer 5.0.1 ITS Protocol Zone Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the ITS InfoTech Storage Protocol URI...

ImageVue 0.16.1 - index.php?bgcol Cross-Site Scripting

ImageVue 0.16.1 - index.php?bgcol Cross-Site Scripting source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection...