Lucene search
K

58 matches found

WPVulnDB
WPVulnDB
added 2015/03/07 12:0 a.m.13 views

FormGet Contact Form 5.3 - Stored XSS

The AJAX action ‘requestresponse’, defined in formget-contact-form/index.php line 278 is available to any logged in user. The parameter ‘value’ is accepted as valid, so long as the string ‘sideBar’ is found at a position other than 0 i.e. prefix the payload with a space. The ‘pageid’ parameter ca...

1.6AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.53 views

WeBid 1.0.2 persistent XSS via SQL Injection

No description provided by source. Exploit Title: presistent XSS through SQLi WeBid 1.0.2 Google Dork: powered by WeBid Date: 15-06-2011 Author: Saif El-Sherei Software Link: http://sourceforge.net/projects/simpleauction/ Version: 1.0.2 Tested on: Firefox 4, XAMPP Info: Open source php/mysql full...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Alt-N MDaemon 13.0.3 and 12.5.6 Email Body HTML/JS Injection Vulnerability

No description provided by source. ============================================================== Alt-N MDaemon Email Body HTML/JS Injection Vulnerability ============================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/02/08 12:0 a.m.60 views

Android Browser and WebView addJavascriptInterface Code Execution

This Metasploit module exploits a privilege escalation issue in Android versions prior 4.2's WebView component that arises when untrusted Javascript code is executed by a WebView that has one or more Interfaces added to it. The untrusted Javascript code can call into the Java Reflection APIs...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2013/02/24 12:0 a.m.88 views

Alt-N MDaemon Email Body HTML/JS Injection Vulnerability

============================================================== Alt-N MDaemon Email Body HTML/JS Injection Vulnerability ============================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type: HTML/JS Injection Remot...

1.4AI score
Exploits0
Packet Storm
Packet Storm
added 2013/02/21 12:0 a.m.20 views

Alt-N MDaemon Email Body Cross Site Scripting

============================================================== Alt-N MDaemon Email Body HTML/JS Injection Vulnerability ============================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type: HTML/JS Injection Remot...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/02/21 12:0 a.m.11 views

Alt-N MDaemon 12.5.613.0.3 - Email Body HTMLJS Injection

Alt-N MDaemon 12.5.613.0.3 - Email Body HTMLJS Injection ============================================================== Alt-N MDaemon Email Body HTML/JS Injection Vulnerability ============================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor...

7.7AI score
Exploits0
Exploit DB
Exploit DB
added 2013/02/21 12:0 a.m.28 views

Alt-N MDaemon 12.5.6/13.0.3 - Email Body HTML/JS Injection

============================================================== Alt-N MDaemon Email Body HTML/JS Injection Vulnerability ============================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type: HTML/JS Injection Remot...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/11/28 12:0 a.m.47 views

Google Android - 'content://' URI Multiple Information Disclosure Vulnerabilities

Android Data Stealing Web PageClick: Malicious Link"; // Stage 1: Redirect to Stage 2 which will force a download of the HTML/JS payload, then a few seconds later redirect...

4.3CVSS6.6AI score0.26952EPSS
Exploits8
0day.today
0day.today
added 2011/10/19 12:0 a.m.25 views

OCS Inventory NG 2.0.1 Persistent XSS

Exploit for windows platform in category web applications OCS Inventory NG 2.0.1 - Persistent XSS CVE-2011-4024 ------------------------------------------------------- Software : Open Computer and Software OCS Inventory NG Download : http://www.ocsinventory-ng.org/ Discovered by : Nicolas DEROUET...

7.1AI score0.04699EPSS
Exploits6
exploitpack
exploitpack
added 2011/06/17 12:0 a.m.79 views

WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)

WeBid 1.0.2 - Persistent Cross-Site Scripting via SQL Injection Exploit Title: presistent XSS through SQLi WeBid 1.0.2 Google Dork: "powered by WeBid" Date: 15-06-2011 Author: Saif El-Sherei Software Link: http://sourceforge.net/projects/simpleauction/ Version: 1.0.2 Tested on: Firefox 4, XAMPP...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2010/09/18 12:0 a.m.10 views

Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities

Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities Exploit Title: Joomla Component comrestaurantguide Multiple Vulnerabilities Date: 18.09.2010 Author: Valentin Category: webapps/0day Version: 1.0.0 Tested on: Debian lenny, Apache2, MySQL 5, Joomla 1.5.x CVE : Code :...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2009/02/06 12:0 a.m.16 views

txtBB <= 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit

No description provided by source. !-- txtBB = 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit By cOndemned Greetz: ZaBeaTy, sid.psycho, Alfons Luja, vCore, irk4z & str0ke ; Exploitation: 1. Create an account 2. Go to http://host/txtbb10RC3path/index.php?type=account 3. Put exploit code...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/02/05 12:0 a.m.9 views

txtBB 1.0 RC3 - HTMLJS Injection Arbitrary Add Admin Privileges

txtBB 1.0 RC3 - HTMLJS Injection Arbitrary Add Admin Privileges var req = new XMLHttpRequest; req.open'POST', 'admin.php?action=users&type=edit&login=USERNICK&save=1', false; req.setRequestHeader'Content-Type', 'application/x-www-form-urlencoded';...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2009/02/05 12:0 a.m.24 views

txtBB 1.0 RC3 Injection

var req = new XMLHttpRequest; req.open'POST', 'admin.php?action=users&type=edit&login=USERNICK&save=1', false; req.setRequestHeader'Content-Type', 'application/x-www-form-urlencoded'; req.send'signature=&avatar=&type=3&password=&submit=Zapisz';...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/02/05 12:0 a.m.29 views

txtBB 1.0 RC3 - HTML/JS Injection / Arbitrary Add Admin Privileges

var req = new XMLHttpRequest; req.open'POST', 'admin.php?action=users&type=edit&login=USERNICK&save=1', false; req.setRequestHeader'Content-Type', 'application/x-www-form-urlencoded'; req.send'signature=&avatar=&type=3&password=&submit=Zapisz'; milw0rm.com 2009-02-05...

7.4AI score
Exploits0
0day.today
0day.today
added 2009/02/05 12:0 a.m.312 views

txtBB <= 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit

Exploit for unknown platform in category web applications ================================================================= txtBB var req = new XMLHttpRequest; req.open'POST', 'admin.php?action=users&type=edit&login=USERNICK&save=1', false; req.setRequestHeader'Content-Type',...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/11/07 12:0 a.m.243 views

[Full-disclosure] SF-Shoutbox 1.2.1 &lt;= 1.4 HTML/JS Injection Vulnerability

----------------------------- || WWW.SMASH-THE-STACK.NET || ----------------------------- || ADVISORY: SF-Shoutbox 1.2.1 = 1.4 HTML/JS Injection Vulnerability || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION || 0x04: GOOGLE DORK || 0x05: RISK LEVEL || 0x00: ABOUT ME...

7.8AI score
Exploits0
Rows per page
Query Builder