Lucene search

8 matches found

Citrix
added 2023/08/31 12:0 a.m. · 4 views

Rewrite policy fail to honored when binding to NetScaler Gateway Virtual Server

When you're trying to insert some prompts to NetScaler Gateway logon page via Rewrite policy, you may find the prompt strings are not displayed even if you refresh the web page or clear all browser cache. The Rewrite policy is not honored as expected...

AI score: 7
Exploits: 0
Huntr
added 2023/06/06 9:29 a.m. · 17 views

Stored XSS via file upload in FireFox

Description Upload html file containing XSS payload. Payload ' On opening and refreshing the page, XSS payload executes in Firefox. Proof of Concept https://drive.google.com/file/d/1Irkg0u-8DcEizRSN3xE87ezEWmp0L4j/view?usp=sharing...

AI score: 6.4
Exploits: 0 · References: 1
wpexploit
added 2022/12/27 12:0 a.m. · 436 views

EU Cookie Law <= 3.1.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup. 1. Enter the setting page of this plugin. 2. In t...

CVSS: 4.8 · AI score: 4.7 · EPSS: 0.00226
Exploits: 2
Hacker One
added 2019/04/18 8:11 a.m. · 22 views

ZEIT: Stored XSS in profile page

Summary: There is a stored XSS vulnerability in the user's profile page. Steps To Reproduce: 1. Go to https://zeit.co/login and log in. 2. Go to https://zeit.co/profile/username/edit 3. Enter any value in the field which shows name 4. Intercept it in Burp and send it to Repeater. 5. Then change the na...

AI score: 5.9
Exploits: 0
Hacker One
added 2017/07/30 5:47 p.m. · 64 views

Legal Robot: Profile shows incorrect account creation date

Hi Team, I get to know that you are using showing joined time. It contains a design issue. I think that you show for once user login in to their account and it should show from how many minutes that user logged in? But I can see here a design issue, is that whenever we refresh page...

AI score: 7.1
Exploits: 0
Veracode
added 2017/03/15 2:59 a.m. · 6 views

Information Disclosure

ng2-webstorage is vulnerable to information disclosure. This is because the key in local storage is not cleared properly after deletion. The stored sensitive information that should be deleted after the deletion of a key remains until the page is refreshed...

AI score: 5.8
Exploits: 0
Atlassian
added 2013/09/30 7:48 a.m. · 16 views

XSS in admin/ViewIssueFields.jspa

Reproduction: 1. Create custom fields with alert1 in name and/or description. 2. Go to 'Field Configurations' 3. Click 'Add Field Configuration', enter any text in 'Name' 4. Hit okay and wait for the page to refresh 5. Choose the config you just made - XSSed...

AI score: 0.1
Exploits: 0
Positive Technologies
added 2009/11/27 12:0 a.m. · 2 views

PT-2009-6215 · Cacti · Cacti

Name of the Vulnerable Software and Affected Versions: Cacti version 0.8.7e Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected areas include graph.php, include/top gra...

CVSS: 4.3 · AI score: 5.7 · EPSS: 0.06761
Exploits: 6 · References: 30