5 matches found
CVE-2024-3181 Concrete CMS version 9 prior to 9.2.8 and previous versions prior to 8.5.16 are vulnerable to Stored XSS in the Search Field.
Concrete CMS version 9 prior to 9.2.8 and previous versions prior to 8.5.16 are vulnerable to Stored XSS in the Search Field. Prior to the fix, stored XSS could be executed by an administrator changing a filter to which a rogue administrator had previously added malicious code. The Concrete CMS...
Rudder Server SQL Injection / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rudder Server SQLI Remote Code Execution', 'Description' = %q This Metasploit module exploits a SQL injection vulnerability in RudderStack's...
WhatsApp Desktop 0.3.9308 Cross Site Scripting
Title: WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Date: 2020-01-21 Exploit Author: Gal Weizman Vendor Homepage: https://www.whatsapp.com Software Link: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Software Link:...
offercharge.com Cross Site Scripting vulnerability
Security Researcher g0bl1nsec Helped patch 3661 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting offercharge.com website and its users. Following...
KMCIS CaseAware - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: CaseAware Cross Site Scripting Vulnerability Date: 20th May 2017 Exploit Author: justpentest Vendor Homepage: https://caseaware.com/ Version: All the versions Contact: email protected CVE : 2017-5631 Source:...