LeptonCMS 4.5.0 - Persistent Cross-Site Scripting

LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Exploit Title: LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2019-03-24 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://lepton-cms.org/english/home.php Software Link:...

UliCMS 2020.1 - Persistent Cross-Site Scripting

UliCMS 2020.1 - Persistent Cross-Site Scripting Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-03-24 Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows...

UliCMS 2020.1 Cross Site Scripting

Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-03-24 Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows CVE : N/A Vulnerability : Stored Cross-Site...

WordPress WPForms 1.5.9 Cross Site Scripting

Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...

Wordpress WPForms 1.5.9 Plugin - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisor...

UliCMS 2020.1 - Persistent Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows CVE : N/A Vulnerabilit...

UliCMS 2020.1 - Persistent Cross-Site Scripting

Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-03-24 Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows CVE : CVE-2020-12704 Vulnerability : Stored...

Microsoft Edge Shares Privacy-Busting Telemetry, Research Alleges

Microsoft Edge is one of the least private web browsers — even more so than other popular browsers like Google Chrome and Mozilla Firefox — according to academic researchers. According to the analysis, from Douglas Leith with the School of Computer Science and Statistics at Trinity College in...

CVE-2020-0546

Unquoted service path in IntelR OptaneTM DC Persistent Memory Module Management Software before version 1.0.0.3461 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access...

Design/Logic Flaw

Unquoted service path in IntelR OptaneTM DC Persistent Memory Module Management Software before version 1.0.0.3461 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access...

CVE-2020-0546

Unquoted service path in IntelR OptaneTM DC Persistent Memory Module Management Software before version 1.0.0.3461 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access...

CVE-2020-0546

CVE-2020-0546 documents an unquoted service path in Intel Optane DC Persistent Memory Module Management Software prior to version 1.0.0.3461, potentially enabling local escalation of privilege and denial of service for authenticated users. Affects Intel Optane DC Persistent Memory Module Manageme...

Intel Optane DC Persistent Memory Module Management Software Authentication Error Vulnerability

Intel Graphics Drivers is an integrated graphics driver from Intel USA. A security vulnerability exists in versions prior to Intel Optane DC Persistent Memory Module Management Software 1.0.0.3461. A local attacker can exploit the vulnerability to elevate privileges...

CVE-2019-12444

An issue was discovered in GitLab Community and Enterprise Edition 8.9 through 11.11. Wiki Pages contained a lack of input validation which resulted in a persistent XSS vulnerability...

Cross site scripting

An issue was discovered in GitLab Enterprise Edition 11.7 through 11.11. The epic details page contained a lack of input validation and output encoding issue which resulted in a persistent XSS vulnerability on child epics...

CVE-2019-12444

An issue was discovered in GitLab Community and Enterprise Edition 8.9 through 11.11. Wiki Pages contained a lack of input validation which resulted in a persistent XSS vulnerability...

CVE-2019-12444

GitLab Wiki Pages input validation flaw in GitLab Community/Enterprise Edition 8.9–11.11 causes persistent XSS due to lack of input validation on Wiki pages. Root cause: unvalidated user input processed in Wiki rendering. Impacted components: Wiki Pages (GitLab web UI). Exploitation details are n...

CVE-2019-12442

CVE-2019-12442 affects GitLab Enterprise Edition 11.7–11.11. The issue is a persistent cross-site scripting (XSS) vulnerability on child epics caused by lack of input validation and insufficient output encoding on the epic details page. This is detailed across multiple sources (GitLab advisories,...

CVE-2019-12442

An issue was discovered in GitLab Enterprise Edition 11.7 through 11.11. The epic details page contained a lack of input validation and output encoding issue which resulted in a persistent XSS vulnerability on child epics...

YzmCMS 5.5 Cross Site Scripting

Exploit Title: YzmCMS 5.5 - 'url' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-03-10 Exploit Author: En Vendor Homepage: https://github.com/yzmcms/yzmcms Software Link: https://github.com/yzmcms/yzmcms Version: V5.5 Category: Web Application Patched Version: unpatched Tested on:...