WordPress Soliloquy Lite 2.5.6 Cross Site Scripting

Exploit Title: Wordpress Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\soliloquy-lite" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://soliloquywp.com/ Software Link: https://wordpress.org/plugins/soliloquy-lite/ Version: 2.5.6...

WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Popup Builder 3.49 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\popupbuilder" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://popup-builder.com/ Software Link: https://wordpress.org/plugins/popup-builder/ Version: 3.49 Tested...

WordPress Plugin Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\soliloquy-lite" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://soliloquywp.com/ Software Link: https://wordpress.org/plugins/soliloquy-lite/ Version: 2.5.6...

WordPress Plugin FooGallery 1.8.12 - Persistent Cross-Site Scripting

Exploit Title: Wordpress FooGallery 1.8.12 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\foogallery" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://foo.gallery/ Software Link: https://wordpress.org/plugins/foogallery/ Version: 1.8.12 Tested on: Kali...

WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting

WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting Exploit Title: Wordpress Popup Builder 3.49 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\popupbuilder" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://popup-builder.com/ Software...

Accounts Accounting 7.02 - Persistent Cross-Site Scripting

Accounts Accounting 7.02 - Persistent Cross-Site Scripting Exploit Title: Express Accounts Accounting 7.02 - Persistent Cross-Site Scripting Exploit Author: Debashis Pal Date: 2019-10-16 Vendor Homepage: https://www.nchsoftware.com Source: https://www.nchsoftware.com/accounting/index.html Version...

CVE-2019-16282

In NCH Express Invoice v7.12, persistent cross site scripting XSS exists via the Invoices/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Items/Customers fields parameter to inject arbitrary JavaScript...

CVE-2019-16282

CVE-2019-16282 affects NCH Express Invoice v7.12. The vulnerability is a persistent cross-site scripting (XSS) flaw exploitable via the Invoices/Items/Customers/Quotes input fields. An authenticated unprivileged user can modify parameters in these fields to inject arbitrary JavaScript. The issue ...

Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting

Exploit Title: Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting Exploit Author: Debashis Pal Date: 2019-10-13 Vendor Homepage: https://www.nchsoftware.com/ Source: https://www.nchsoftware.com/invoice/index.html Version: Express Invoice v7.12 CVE : N/A Tested on: Windows 7 SP132bi...

CVE-2019-17532

An issue was discovered on Belkin Wemo Switch 28B WW2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service persistent rules-processing outage via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption...

Default credentials

IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0...

Design/Logic Flaw

IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0...

Intelbras Router WRN150 1.0.18 Cross Site Scripting

Exploit Title: Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting Date: 2019-10-03 Exploit Author: Prof. Joas Antonio Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://en.intelbras.com.br/node/25896 Version: 1.0.18 Tested on: Windows CVE : CVE-2019–17411 PoC 1:...

Cross-Site Scripting (XSS) in script src

Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Cross Site Scripting XSS allows clients to inject scripts into a request and have th...

Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting

Exploit Title: Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting Date: 2019-10-03 Exploit Author: Prof. Joas Antonio Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://en.intelbras.com.br/node/25896 Version: 1.0.18 Tested on: Windows CVE : CVE-2019–17411 PoC 1:...

CVE-2019-17427

In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors...

CVE-2019-17427

In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors...

UBUNTU-CVE-2019-17427

In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors...

CVE-2019-17427

In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors...

Persistence – Screensaver

Screensavers are part of Windows functionality and enable users to put a screen message or a graphic animation after a period of inactivity. This feature of Windows it is known to be abused by threat actors as a method of persistence. This is because screensavers are executable files that have th...