7648 matches found
CVE-2018-11208
An issue was discovered in Z-BlogPHP 2.0.0. There is a persistent XSS that allows remote attackers to inject arbitrary web script or HTML into background web site settings via the "copyright information office" field. NOTE: the vendor indicates that the product was not intended to block this type...
CVE-2018-11208
An issue was discovered in Z-BlogPHP 2.0.0. There is a persistent XSS that allows remote attackers to inject arbitrary web script or HTML into background web site settings via the "copyright information office" field. NOTE: the vendor indicates that the product was not intended to block this type...
CVE-2018-11208
An issue was discovered in Z-BlogPHP 2.0.0. There is a persistent XSS that allows remote attackers to inject arbitrary web script or HTML into background web site settings via the "copyright information office" field. NOTE: the vendor indicates that the product was not intended to block this type...
VirtueMart 3.1.14 Cross Site Scripting
Exploit Title: VirtueMart 3.1.14 - Persistent Cross-Site Scripting Date: 2018-02-25 Software Link: http://virtuemart.net/ Exploit Author: Mattia Furlani CVE: CVE-2018-7465 Category: webapps 1. Description An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the admin area...
Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting
Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting Exploit Title: Multiplayer BlackJack - Online Casino Game 2.5 - Persistent Cross-Site scripting Date: 2018-05-16 Exploit Author: L0RD Vendor Homepage:...
VirtueMart 3.1.14 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: VirtueMart 3.1.14 - Persistent Cross-Site Scripting Software Link: http://virtuemart.net/ Exploit Author: Mattia Furlani CVE: CVE-2018-7465 Category: webapps 1. Description An XSS issue was discovered in VirtueMart before 3.2.14...
VirtueMart 3.1.14 - Persistent Cross-Site Scripting
VirtueMart 3.1.14 - Persistent Cross-Site Scripting Exploit Title: VirtueMart 3.1.14 - Persistent Cross-Site Scripting Date: 2018-02-25 Software Link: http://virtuemart.net/ Exploit Author: Mattia Furlani CVE: CVE-2018-7465 Category: webapps 1. Description An XSS issue was discovered in VirtueMar...
Multiplayer BlackJack Online Casino Game 2.5 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Multiplayer BlackJack - Online Casino Game 2.5 - Persistent Cross-Site scripting Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/multiplayer-blackjack-online-casino-game/15411706?srank=1628 CVE: N/A Version: 2....
Multiplayer BlackJack Online Casino Game 2.5 Cross Site Scripting
Exploit Title: Multiplayer BlackJack - Online Casino Game 2.5 - Persistent Cross-Site scripting Date: 2018-05-16 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/multiplayer-blackjack-online-casino-game/15411706?srank=1628 CVE: N/A Version: 2.5 Description : Multiplayer BlackJack...
Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting
Exploit Title: Multiplayer BlackJack - Online Casino Game 2.5 - Persistent Cross-Site scripting Date: 2018-05-16 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/multiplayer-blackjack-online-casino-game/15411706?srank=1628 CVE: N/A Version: 2.5 Description : Multiplayer BlackJack...
VirtueMart 3.1.14 - Persistent Cross-Site Scripting
Exploit Title: VirtueMart 3.1.14 - Persistent Cross-Site Scripting Date: 2018-02-25 Software Link: http://virtuemart.net/ Exploit Author: Mattia Furlani CVE: CVE-2018-7465 Category: webapps 1. Description An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the admin area...
CVE-2009-5151
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. This allows a privileged local user to achieve persistent control of BIOS behavior,...
Cross site scripting
Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in parameter names and descriptions SECURITY-353. Users with the permission to configure jobs were able to inject JavaScript into parameter names and descriptions...
phpVirtualBox 5.2 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities
Exploit for php platform in category web applications Title: phpVirtualBox / CSRF - Stored XSS Discovered by: @codexlynx Software Version: //lib/ajax.php" name="csrf" " / 2Stored XSS -------------------------------- Many fields don't sanitize inputs. This vulnerability could allow a user role...
phpVirtualBox 5.2 Cross Site Request Forgery / Cross Site Scripting
Title: phpVirtualBox / CSRF - Stored XSS Date: 03/04/2018 Discovered by: @codexlynx Software Version: //lib/ajax.php" name="csrf" " / 2Stored XSS -------------------------------- Many fields don't sanitize inputs. This vulnerability could allow a user role escalation in the application. - POC:...
MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting
MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting Exploit Title: MyBB Latest Posts on Profile Plugin v1.1 - Cross-Site Scripting Date: 4/20/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=914...
MyBB Latest Posts On Profile 1.1 Cross Site Scripting
Exploit Title: MyBB Latest Posts on Profile Plugin v1.1 - Cross-Site Scripting Date: 4/20/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=914 Version: 1.1 Tested on: Ubuntu 17.10 CVE: CVE-2018-10580 1...
MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting
Exploit Title: MyBB Latest Posts on Profile Plugin v1.1 - Cross-Site Scripting Date: 4/20/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=914 Version: 1.1 Tested on: Ubuntu 17.10 CVE: CVE-2018-10580 1...
WordPress WF Cookie Consent 1.1.3 Cross Site Scripting
Exploit Title: WF Cookie Consent - Authenticated Persistent Cross-Site Scripting Date: 23/04/2018 Exploit Author: B0UG Vendor Homepage: http://www.wunderfarm.com/ Software Link: https://en-gb.wordpress.org/plugins/wf-cookie-consent/ Version: Tested on version 1.1.3 older versions may also be...
WordPress Plugin WF Cookie Consent 1.1.3 - Cross-Site Scripting
Exploit Title: WF Cookie Consent - Authenticated Persistent Cross-Site Scripting Date: 23/04/2018 Exploit Author: B0UG Vendor Homepage: http://www.wunderfarm.com/ Software Link: https://en-gb.wordpress.org/plugins/wf-cookie-consent/ Version: Tested on version 1.1.3 older versions may also be...