Xerosploit - Efficient And Advanced Man In The Middle Framework
Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules for carrying out efficient attacks, and also supports denial of service attacks and port scanning. Powered by bettercap and nmap...
See how I use LastPass to get to all your password-vulnerability warning-the black bar safety net
Please note: the manufacturer has successfully fixed this issue, and the relevant information to inform a LastPass user. Vulnerability status: has been fixed. Repair time frame: 90 days. Vulnerability level: severe. Manufacturer: LastPass. Product: LastPass. Report Date: 2016-7-26. Vulnerability overvi...
WordPress Power Zoomer Plugin - Cross Site Scripting
Because of this vulnerability, attackers can inject arbitrary JavaScript or HTML code. Solution: Update the plugin...
Adobe Brackets Cross-site Scripting and Unspecified Vulnerabilities - Mac OS X
Adobe Brackets is prone to cross-site scripting and unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Brackets Cross-site Scripting and Unspecified Vulnerabilities - Windows
Adobe Brackets is prone to cross-site scripting and unspecified vulnerabilities...
Cybozu Garoon 3.x < 4.2.0 Information Disclosure and XSS Vulnerabilities
Cybozu Garoon is prone to information disclosure and cross-site scripting (XSS) vulnerabilities...
Mapbox: XSS on www.mapbox.com/authorize
Description --- When you don't include the parameter clientid in the request to the endpoint at https://www.mapbox.com/authorize/, the template template-modal-unauthorized included in the client code of the endpoint is rendered with the value of the parameter redirecturi sent in the request witho...
IBM Connections File Upload Vulnerability
IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. A file upload...
BlackBerry Enterprise Service Cross-Site Scripting Vulnerability (CNVD-2016-02337)
BlackBerry Enterprise Server is a wireless solution. The solution provides a unified architecture for mobile devices to access enterprise applications, wireless email communications. A cross-site scripting vulnerability exists in BlackBerry Enterprise Server, which allows remote attackers to...
JSN PowerAdmin 2.3.0 Code Execution / CSRF / XSS
RatioSec Research Security Advisory RS-2016-001: JSN PowerAdmin Joomla! Extension Remote Command Execution Via CSRF and XSS vulnerabilities...
WordPress Jetpack Plugin <= 3.9.1 - Cross Site Scripting
Because of this vulnerability, attackers can inject arbitrary JavaScript or HTML code. Solution: Update the plugin...
Fiyo CMS 2.0.2.1 Cross Site Scripting
Introduction Affected Product: Fiyo CMS 2.0.2.1 Fixed in: Fiyo CMS 2.0.6 Fixed Version Link: http://www.fiyo.org/blog/versi-2-0-6-banyak-perubahan-untuk-stabilitas Vendor Website: http://www.fiyo.org/ Vulnerability Type: Persistent XSS Remote Exploitable: Yes Reported to vendor: 28/12/2015 Fixed...
Hippo CMS 10.1 Stored Cross Site Scripting
WordPress Plugin Simple Add Pages or Posts 1.6 - Cross-Site Request Forgery
Exploit Title: Wordpress simple add pages or posts CSRF Vulnerability Date: 2016/29/01 Exploit Author: ALIREZAPROMIS Vendor Homepage: https://wordpress.org/plugins/simple-add-pages-or-posts/ Software Link: https://downloads.wordpress.org/plugin/simple-add-pages-or-posts.1.6.zip Version: 1.6 Teste...
Microsoft FrontPage Server Extensions Cross Site Scripting (MS06-017: CVE-2006-0015)
A Cross Site Scripting vulnerability exists in Microsoft FrontPage Server Extensions and Microsoft SharePoint Team Services. The vulnerability is caused as a result of the failure of these products to properly validate certain CGI parameters passed to them. This vulnerability allows arbitrary HTM...
Microsoft Internet Explorer Multiple Vulnerabilities (3116180)
This host is missing a critical security update according to Microsoft Bulletin MS15-124...
QuikCms 6.1 - CSRF Delete Web Pages Exploit
Exploit for php platform in category web applications Title : QuikCms 6.1 - CSRF Exploit Delete Web Pages Author : ZwX Vendor : http://opensolution.org/ Download Link : http://opensolution.org/download/home.html?sFile=Quick.Cmsv6.1-en.zip Version : 6.1 Security Level : Medium Tested Os : Windows ...
ownCloud: Self-XSS in mails sent by [email protected]
Hello i create account with username have a payload code "alert1, and i always when i get mail from [email protected] i get mail win inject the code payload html code inject From: ownCloud Reply-To: [email protected] To: [email protected] Message-ID: Subject: ownCloud Security & Encryption 2.0; A...
Reflected Cross-Site Scripting (XSS) in SourceBans
High-Tech Bridge Security Research Lab discovered a vulnerability in SourceBans, which can be exploited to perform Cross-Site Scripting (XSS) attacks against web application users. The vulnerability exists due to insufficient filtration of input data passed via the "advSearch" HTTP GET parameter to...
Centreon 2.6.1 Persistent Cross Site Scripting
Centreon 2.6.1 Stored Cross-Site Scripting Vulnerability Vendor: Centreon Product web page: https://www.centreon.com Affected version: 2.6.1 CES 3.2 Summary: Centreon is the choice of some of the world's largest companies and mission-critical organizations for real-time IT performance monitoring...