2 matches found
Code Snippets < 2.14.0 - CSRF to RCE
This "flaw allowed anybody to forge a request on behalf of an administrator and inject executable code on a vulnerable site." PoC...
Hexjector 1.0.7.2 Cross Site Scripting
Exploit Title: Hexjector Persistent XSS ".""; $url2 is not filtered so XSS codes can be executed. You would need to find a site that is vulnerable either to XSS or SQL Injection to generate this vulnerability.A site that is vulnerable to XSS only will also work because my Hexjector will not stop...