CVE-2023-53936

CVE-2023-53936 affects Camaleon CMS 2.7.4. The flaw is a persistent cross-site scripting (XSS) vulnerability that allows authenticated administrators to inject malicious scripts into post titles. Attackers can create posts with embedded SVG scripts that execute when other users mouse over the pos...

PT-2023-20347 · Esri · Arcgis Server

Name of the Vulnerable Software and Affected Versions: ArcGIS Server versions 10.8.1 through 11.1 Description: The issue is related to a Cross-site Scripting vulnerability that may allow a remote, authenticated attacker to create a crafted link. This link could potentially render an image in the...

PowerPoint ‘Weakness’ Opens Door to Malicious Mouse-Over Attack

A researcher is sounding the alarm over what he believes could be a novel attack vector which allows a hacker to manipulate a PowerPoint file to download and begin the installation of malware, simply by hovering over a hypertext link. The technique does require a victim to accept one pop-up...

Pornhub: Cross Site Scripting - On Mouse Over, Blog page

The researcher identified that the following URL for the Pornhub user was vulnerable to reflected/semi-stored cross site scripting, which enabled the researcher to craft a URL that pops an alert box upon mousing over the language selection at bottom of page. The affected url can be seen below:...

UMPlayer Portable 0.95 Crash PoC

Exploit for windows platform in category dos / poc Exploit Title: UMPlayer Portable Edition Date: 2012-11-28 Exploit Author: p3kok Vendor Homepage: http://www.umplayer.com/ Software Link: http://sourceforge.net/projects/umplayer/ or http://www.umplayer.com/download/ Version: 0.95Portable Edition...