EUVD-2014-6300

Malware in sbrugna...

CVE-2014-6420

Cross-site scripting XSS vulnerability in Livefyre LiveComments 3.0 allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded picture...

Cross site scripting

Cross-site scripting XSS vulnerability in Livefyre LiveComments 3.0 allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded picture...

CVE-2014-6420

CVE-2014-6420 is an XSS vulnerability in Livefyre LiveComments 3.0. The flaw allows remote attackers to inject arbitrary web script or HTML by manipulating the name of an uploaded picture. The NVD description confirms the vulnerability type (Cross-site scripting) and affected component (LiveComme...

CVE-2014-6420

Cross-site scripting XSS vulnerability in Livefyre LiveComments 3.0 allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded picture...

Uber: Reflected XSS via Livefyre Media Wall in newsroom.uber.com

Hello @uber, This vulnerability works in all sites where there Livefyre Media Wall, including newsroom.uber.com. To reproduce this Cross-Site Scripting, visit this URL: https://newsroom.uber.com/?lf-content=danylod.com/uber.php?:131560603:307477931 Vulnerable is this source code:...

Livefyre Comments 3 4.1.4 XSS

Every registered user can change livefyresiteid and livefyresitekey. File: livefyre-comments\src\admin\LivefyreAdmin.php function construct $lfcore $this-lfcore = $lfcore; $this-ext = $lfcore-ext; addaction 'adminmenu', array &$this, 'registeradminpage' ; addaction 'adminnotices', array &$this,...

Livefyre LiveComments Plugin - Stored XSS

Title : Stored XSS in Livefyre LiveComments Plugin CVE : 2014-6420 Vendor Homepage : http://livefyre.com Software Link : http://web.livefyre.com/streamhub/liveComments Version : v3.0 Author : Brij Kishore Mishra Date : 03-Sept-2014 Tested On : Chrome 37, Ubuntu 14.04 Description : This plugin...

Livefyre LiveComments Plugin - Stored XSS Vulnerability

Exploit for php platform in category web applications Title : Stored XSS in Livefyre LiveComments Plugin CVE : 2014-6420 Vendor Homepage : http://livefyre.com Software Link : http://web.livefyre.com/streamhub/liveComments Version : v3.0 Author : Brij Kishore Mishra Date : 03-Sept-2014 Tested On :...

Livefyre LiveComments Plugin - Persistent Cross-Site Scripting

Title : Stored XSS in Livefyre LiveComments Plugin CVE : 2014-6420 Vendor Homepage : http://livefyre.com Software Link : http://web.livefyre.com/streamhub/liveComments Version : v3.0 Author : Brij Kishore Mishra Date : 03-Sept-2014 Tested On : Chrome 37, Ubuntu 14.04 Description : This plugin...

Livefyre LiveComments Plugin - Persistent Cross-Site Scripting

Livefyre LiveComments Plugin - Persistent Cross-Site Scripting Title : Stored XSS in Livefyre LiveComments Plugin CVE : 2014-6420 Vendor Homepage : http://livefyre.com Software Link : http://web.livefyre.com/streamhub/liveComments Version : v3.0 Author : Brij Kishore Mishra Date : 03-Sept-2014...

Livefyre LiveComments 3.0 Cross Site Scripting

Title : Stored XSS in Livefyre LiveComments Plugin CVE : 2014-6420 Vendor Homepage : http://livefyre.com Software Link : http://web.livefyre.com/streamhub/liveComments Version : v3.0 Author : Brij Kishore Mishra Date : 03-Sept-2014 Tested On : Chrome 37, Ubuntu 14.04 Description : This plugin...