Lucene search
K

27 matches found

Hacker One
Hacker One
added 2014/03/01 10:11 p.m.32 views

Slack: Stored XSS in username.slack.com

Hi There is a stored XSS in username.slack.com. Steps to reproduce: 1. Login to your Slack 2. Goto "Create Private Group" and with any name and purpose 3. Goto https://manish.slack.com/messages/group/files/ 4. Upload a file hitting upload icon ^ filename shall be ".jpeg 5. After file is uploaded...

6.1AI score
Exploits0
myhack58
myhack58
added 2013/03/04 12:0 a.m.22 views

Jingdong IM web client file upload cause arbitrary JS execution-vulnerability warning-the black bar safety net

In jingdong online customer service system, customer service end of the page you can perform the client to write any JS code. Process: 1. Customer service access. 2. To upload a picture. 3. Because jingdong to the editor is a contenteditable=true div, so we can be of its contents for editing. 4. ...

1.5AI score
Exploits0
myhack58
myhack58
added 2012/06/05 12:0 a.m.33 views

EZEIP3. 0 multi-page upload validation vulnerability-vulnerability warning-the black bar safety net

Modify the IE browser security settings, the modulation is the highest, however, prohibit the js execution. 2. Open the Modify upload Type page, add aspx type, click Save, and then open the upload page to upload There is a problem of the upload Type page: http://www.XXX.com/...

0.3AI score
Exploits0
myhack58
myhack58
added 2012/03/30 12:0 a.m.25 views

EZEIP3. 0 multi-page upload validation vulnerability and fix-vulnerability warning-the black bar safety net

Modify the IE browser security settings, the modulation is the highest, however, prohibit the js execution. 2. Open the Modify upload Type page, add aspx type, click Save, and then open the upload page to upload There is a problem of the upload Type page:...

0.5AI score
Exploits0
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.45 views

CentOS Update for thunderbird CESA-2009:1126 centos5 i386

Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2009:1126 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

9.3CVSS0.2AI score0.09282EPSS
Exploits5References2
securityvulns
securityvulns
added 2005/08/04 12:0 a.m.22 views

Coldfusion Fusebox V4.1.0 Vulnerability

This was discovered by myself over the weekend. I cant find out what versions of fusebox this vulnerability is in but seeing as it affects the main fusebox page I can only assume it is the latest v4.1.0 and possibly some older versions. According to the Fusebox site, What is Fusebox? Fusebox is a...

7AI score
Exploits0
CVE
CVE
added 2002/05/03 4:0 a.m.68 views

CVE-2002-0217

CVE-2002-0217 affects XOOPS 1.0 RC1 — the Private Message System is vulnerable to cross-site scripting via the PM title/field or the image parameter in pmlite.php. The root cause is insufficient input filtering, allowing remote attackers to run Javascript in other users’ browsers. Documented impa...

7.5CVSS6.9AI score0.01771EPSS
Exploits2References5Affected Software1
Rows per page
Query Builder