757 matches found
Cross site scripting
novaksolutions/infusionsoft-php-sdk v2016-10-31 is vulnerable to a reflected XSS in leadscoring.php, resulting in code execution...
WordPress Yeloni Free Exit Popup 8.1.9 SQL Injection
Exploit Title : WordPress Yeloni Free Exit Popup Plugins 8.1.9 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/01/2019 Vendor Homepage : yeloni.com Software Download Link : downloads.wordpress.org/plugin/yeloni-free-exit-popup.zip Software...
Adobe Systems - Arbitrary Code Injection Vulnerability
Document Title: =============== Adobe Systems - Arbitrary Code Injection Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2120 PSIRT ID: 7873 Vulnerability Magazine:...
CVE-2016-6564 Ragentek Android software contains an over-the-air update mechanism that communicates over an unencrypted channel, which can allow a remote attacker to execute arbitrary code with root privileges
Android devices with code from Ragentek contain a privileged binary that performs over-the-air OTA update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This binary, which resides as /system/bin/debugs,...
OWASP iGoat (Swift) - A Damn Vulnerable Swift Application For iOS
This is a Swift version of the original iGoat Objective C project. Using OWASP iGoat, you can learn exploiting and defending vulnerabilities in iOS Swift applications. Developed using Swift 4 and Ruby iGoat Objective C was presented at: OWASP TOP 10 Mobile Reverse Engineering Runtime Analysis Data...
binary-electricals.com XSS vulnerability
Open Bug Bounty ID: OBB-558594

| Description | Value |
|---|---|
| Affected Website: | binary-electricals.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

lead-21.org XSS vulnerability
Open Bug Bounty ID: OBB-450448

| Description | Value |
|---|---|
| Affected Website: | lead-21.org |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Remediation Guide: | OWASP XSS Prevention Cheat Sheet... |

VK.com: clickjacking in /lead_forms_app.php
Clickjacking in the "Lead collection form". It was possible to steal the phone number and email of anyone who clicked a button on our site. I consider this quite serious, because the button could be clicked under any pretext, for example by creating a fake poll on our site and, as the vote confirmation, adding...
searchsmartlocal.com XSS vulnerability
Open Bug Bounty ID: OBB-444247

| Description | Value |
|---|---|
| Affected Website: | searchsmartlocal.com |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Remediation Guide: | OWASP XSS Prevention... |

New Research in Invisible Inks
It's a lot more chemistry than I understand: Invisible inks based on "smart" fluorescent materials have been shining brightly if only you could see them in the data-encryption/decryption arena lately.... But some of the materials are costly or difficult to prepare, and many of these inks remain...
CPA Lead Reward Script SQL Injection Vulnerability
CPA Lead Reward Script is a social research script. A SQL injection vulnerability exists in CPA Lead Reward Script. A remote attacker can exploit this vulnerability to inject SQL commands with the 'username' parameter...
CPA Lead Reward Script SQL Injection
...
SQL injection
CPA Lead Reward Script allows SQL Injection via the username parameter...
CVE-2017-15986
CPA Lead Reward Script allows SQL Injection via the username parameter...
CVE-2017-15986
The CVE-2017-15986 issue affects the CPA Lead Reward Script, where a SQL injection vulnerability exists in the username parameter. Multiple connected sources corroborate a remote, unauthenticated SQL injection that allows an attacker to inject commands through the username field (e.g., PoC payloa...
CVE-2017-15986
CPA Lead Reward Script allows SQL Injection via the username parameter...
beatthegmat.com XSS vulnerability
Open Bug Bounty ID: OBB-381466

| Description | Value |
|---|---|
| Affected Website: | beatthegmat.com |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Remediation Guide: | OWASP XSS Prevention Cheat... |

CPA Lead Reward Script - SQL Injection Vulnerability
Exploit for php platform in category web applications 0day.today 2018-03-19...
VK.com: Stored XSS in /lead_forms_app.php
XSS in the "Lead collection form". Nasty...
Got Robocalled? Don’t Get Mad; Get Busy.
Several times a week my cell phone receives the telephonic equivalent of spam: A robocall. On each occasion the call seems to come from a local number, but when I answer there is that telltale pause followed by an automated voice pitching some product or service. So when I heard from a reader who...