3 matches found
CVE-2023-48708 Insertion of Sensitive Information into Log in codeigniter4/shield
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token which can then b...
XSLeaks attack analysis-HTTP caching and cross-site leakage-vulnerability warning-the black bar safety net
0x1 XSSearch past lives This attack is the earliest can be dated back to 10 years agoi.e. 2009, one named Chris Evans, security personnel describes one of the Yahoo attack: Chris use a malicious web site to search for the site visitor's e-mail Inbox, and he by constructing different keywords mann...
ZeroBoardXE 1.1.5 Cross Site Scripting
ZeroBoardXE 1.1.5 09.01.22 XSS Vulnerability bY [email protected] Greet to : Flyh4t / ZeroBoardXE VERSION 1.1.5 09.01.22is most famous and widely used bulletin board system of Korea. It is freely available for all platforms that supports PHP and MySQL. I find a XSS vulnerability. By using this...