4 matches found

CNVD
added 2022/05/25 12:0 a.m., 13 views

Lumidek Associates Simple Food Website Cross-Site Request Forgery Vulnerability

Lumidek Associates Simple Food Website is a Simple Food Website CMS. Version 1.0 of Lumidek Associates Simple Food Website is vulnerable to cross-site request forgery, which stems from a web application that does not adequately validate that the request is from a trusted user. An attacker could...

6.8 CVSS, 3.2 AI score, 0.00621 EPSS
Exploits: 1, Affected Software: 1
CVE
added 2017/05/11 5:0 p.m., 46 views

CVE-2017-8899

CVE-2017-8899 affects Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier. The issue is a composite of Stored XSS and Information Disclosure in the attachments feature within User CP. The primary cause is the ability to upload an SVG document with a crafted attribute such as onload...

8.1 CVSS, 7.5 AI score, 0.0148 EPSS
Exploits: 1, References: 3, Affected Software: 1
Hacker One
added 2016/07/11 4:40 p.m., 24 views

OLX: stored XSS in olx.pl - ogloszenie TITLE element - moderator acc can be hacked

Hello, The OLX.PL is vulnerable to stored XSS attack. When adding new advertisement, it is possible to put a payload in its title here I used Titlealert1 I see ads are being pre-moderated, however it can remain uncaught also the length limit in title field is enough to insert into it e.g. a BeEF...

1.6 AI score
Exploits: 0
Exploit DB
added 2007/02/28 12:0 a.m., 29 views

vBulletin 3.6.4 - 'inlinemod.php?postids' SQL Injection

input->clean_array_gpc('p', array('postids' => TYPE_STR, )); $postids = explode(',',...

7 AI score
Exploits: 0