4 matches found
Rundeck Community Edition < 3.0.13 - Persistent Cross-Site Scripting
Exploit Title: Rundeck Community Edition before 3.0.13 Multiple Stored XSS Vendor Homepage: https://www.rundeck.com/open-source Software Link: https://docs.rundeck.com/downloads.html Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prin...
Monstra CMS Authenticated Arbitrary File Upload
MonstraCMS 3.0.4 allows users to upload Arbitrary files which leads to remote command execution on the remote server. An attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This module was tested against MonstraCMS 3.0.4. This module...
phpMyFAQ 2.9.8 Cross Site Scripting
Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps CVE: CVE-2017-1461...
OctoberCMS 1.0.425 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: OctoberCMS 1.0.425 aka Build 425 Stored XSS Vendor Homepage: https://octobercms.com/ Software Link: https://octobercms.com/download Exploit Author: Ishaq Mohammed https://packetstormsecurity.com/files/author/13150/ Contact:...