Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

0day.today
0day.todayadded 2018/11/05 12:0 a.m.153 views

CentOS Web Panel Root Account Takeover <= v0.9.8.740 Remote Command Execution Exploit

CentOS Web Panel versions 0.9.8.740 and below suffer from cross site request forgery and cross site scripting vulnerabilities that can be leveraged to achieve remote code execution. + Title: CentOS Web Panel Root Account Takeover + Remote Command Execution var url =...

8.8CVSS0.4AI score0.02203EPSS
Exploits8
0day.today
0day.todayadded 2018/10/23 12:0 a.m.45 views

AjentiCP 1.2.23.13 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications + Title: AjentiCP Dir Name Based Stored XSS dir 2- Open this directory in File Manager tool in Ajenti server admin panel. // for secure days... 0day.today 2018-10-24...

6.3AI score0.02243EPSS
Exploits5
Packet Storm
Packet Stormadded 2018/10/22 12:0 a.m.45 views

VestaCP 0.9.8-22 Cross Site Scripting

Title: VestaCP Multiple XSS Vulnerabilities https://IP:8083/list/directory/ - Stored XSS: A visitor may upload a file as named xss payload, using any form in your website. If VestaCP user see this file in the interface, his browser will run the JavaScript. So this vulnerability makes high risk...

6.4AI score0.00234EPSS
Exploits3
Packet Storm
Packet Stormadded 2018/09/22 12:0 a.m.41 views

MyBB Visual Editor 1.8.18 Cross Site Scripting

Title: MyBB Visual Editor Stored XSS YLOADhttp://victim.com/video 4- Post the thread. While victim user replying your post, his browser will run JavaScript. Vulnerable pages: editpost.php newreply.php private.php and all Visual Editor embedded pages. // for secure days...

0.2AI score0.01121EPSS
Exploits5
0day.today
0day.todayadded 2018/09/22 12:0 a.m.57 views

MyBB Visual Editor 1.8.18 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications + Title: MyBB Visual Editor Stored XSS YLOADhttp://victim.com/video 4- Post the thread. While victim user replying your post, his browser will run JavaScript. Vulnerable pages: editpost.php newreply.php private.php and all Visual Editor embedd...

0.1AI score0.01121EPSS
Exploits5
0day.today
0day.todayadded 2018/08/16 12:0 a.m.163 views

cPanel Filename Based Stored XSS < v76 Exploit

Usage Info Create a file as named with your payload in /home/user/logs directory or run the php exploit. + Title: cPanel Filename Based Stored XSS http://ip:2082/cpsessXXXXXXXXXX/frontend/THEME/raw/index.html '; else die'An error occured.'; else echo 'Enter your payload: " "...

Exploits0
Packet Storm
Packet Stormadded 2018/08/14 12:0 a.m.40 views

cPanel 76 Cross Site Scripting

Title: cPanel Filename Based Stored XSS http://ip:2082/cpsessXXXXXXXXXX/frontend/THEME/raw/index.html '; else die'An error occured.'; else echo 'Enter your payload: " "'; // end of the script. ? Note: You cant create a file as named with / slash character by this exploit. This vulnerability is...

0.2AI score
Exploits0
Rows per page
Query Builder