Logo Slider < 4.0.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks 1. Using a contributor account, add a Logo Slider using the Shortco...

ArForms < 6.6 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Add or edit an existing form and in...

artigiancredito.it Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1179551 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

OneLogin Extension for Chrome Installed

OneLogin, a password manager extension for the Chrome browser, is installed on the remote Windows host. Note that the OneLogin servers were compromised on May 31, 2017. It is strongly recommended that users change their OneLogin password and the passwords for all accounts that were stored in...

Threat Outbreak Alert RuleID29346: Email Messages Distributing Malicious Software on May 31, 2017

Medium Alert ID: 54002 First Published: 2017 May 31 17:17 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29346 may contain the following files: Name | Size...

Threat Outbreak Alert RuleID29345: Email Messages Distributing Malicious Software on May 31, 2017

Medium Alert ID: 54001 First Published: 2017 May 31 17:17 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29345 may contain the following files: Name | Size...

Проверь Badoo на прочность! Месяц поиска уязвимостей

Цитата: Компания Badoo, вслед за своими коллегами ― крупнейшими представителями IT-индустрии, такими как Google, Facebook и Яндекс, начинает платить за найденные уязвимости. Мы объявляем конкурс «Проверь Badoo на прочность!», который стартует 19 марта и продлится ровно месяц. Участвовать в конкур...

MediaCluster (mcCMS) Shell Upload

========================================================================= MediaCluster mcCMS Arbitrary File Upload Vulnerability ========================================================================== +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= +=+=+= +=+=+=...

linux/x86 cdrom ejecting shellcode 46 bytes

Exploit for linux/x86 platform in category shellcode =========================================== linux/x86 cdrom ejecting shellcode 46 bytes =========================================== / 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, ...

Linux/x86 - CDRom Ejecting Shellcode (46 bytes)

Linux/x86 - CDRom Ejecting Shellcode 46 bytes. Shellcode exploit for Linuxx86 platform / 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type...

Logitech VideoCall ActiveX Control Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Logitech...