301 matches found
CVE-2018-10052
The affected software is iScripts SupportDesk v4.3. The vulnerability is a cross-site scripting (XSS) flaw exploitable via the admin/inteligentsearchresult.php txtinteligentsearch parameter. Root cause (as stated in connected documents) is improper input handling in that parameter leading to scri...
CVE-2018-10051
iScripts SupportDesk v4.3 has XSS via the staff/inteligentsearchresult.php txtinteligentsearch parameter...
iScripts SonicBB 1.0 Cross Site Scripting
Exploit Title: iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/sonicbb/demo/ Version: 1.0 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9235 1. Description...
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/sonicbb/demo/ Version: 1.0 Tested on: Windows 10 Category: Webapps...
iScripts Easycreate 3.2.1 Cross Site Scripting
Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/easycreate/demo/ Version: 3.2.1 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9236 CVE:...
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/easycreate/demo/ Version: 3.2.1 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9236 CVE:...
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/easycreate/demo/ Version: 3.2.1 Tested on:...
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting (PoC)
Exploit Title: iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/sonicbb/demo/ Version: 1.0 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9235 1. Description...
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting (PoC)
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting PoC Exploit Title: iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/sonicbb/demo/ Version: 1.0 Tested on: Windows ...
CVE-2018-9235
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php...
CVE-2018-9237
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field...
Cross site scripting
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field...
CVE-2018-9237
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field...
Cross site scripting
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field...
CVE-2018-9235
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php...
CVE-2018-9236
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field...
CVE-2018-9236
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field...
Cross site scripting
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php...
CVE-2018-9235
CVE-2018-9235 affects iScripts SonicBB 1.0. The vulnerability is a Reflected Cross-Site Scripting via the query parameter to search.php, enabling injection of arbitrary script/HTML. Public materials describe a PoC and an exploit for the vulnerable URL (search.php?query=...). The CNVD entry notes ...
CVE-2018-9237
Summary (CVE-2018-9237) : iScripts EasyCreate 3.2.1 contains a stored Cross-Site Scripting (XSS) vulnerability in the Site Description field (and also Site Title per sources). The weakness allows injected HTML/JS to be stored and later executed in the context of the affected application, enabling...