VTech DigiGo 83.60630 Browser Overlay Attack Vulnerability

Exploit for cgi platform in category web applications ------------------------------------------------------------------------ Multiple vulnerabilities in VTech DigiGo allow browser overlay attack ------------------------------------------------------------------------ Sipke Mellema, September 20...

Fedora 27 : 2:qemu (2017-8db9c497f9)

Fix ppc64 KVM failure bz 1501936 - CVE-2017-15038: 9p: information disclosure when reading extended attributes bz 1499111 - CVE-2017-15268: potential memory exhaustion via websock connection to VNC bz 1496882 ---- qemu-pr-helper didn't work due to a change in the libmultipath/libmpathpersist APIs...

Magento Connect T1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Document Title: =============== Magento Connect T1 - Claim Persistent Vulnerability Vulnerability Class: ==================== Cross Site Scripting - Persistent Current Estimated Price: ======================== 1.000a! - 2.000a! Product & Servi...

CVE-2017-18014

An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page Control Center - Log Viewer - in the filter option "Web Server Protection" in the webadmin...

Cross site scripting

An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page Control Center - Log Viewer - in the filter option "Web Server Protection" in the webadmin...

Xnami 1.0 - Cross-Site Scripting

Xnami 1.0 - Cross-Site Scripting Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Date: 11-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID:...

Xnami Image Sharing 1.0 Cross Site Scripting

Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Date: 11-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID: CVE-2018-5370 Xnami facilitates the...

Xnami 1.0 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID...

Magento Connect T1 Cross Site Scripting

Document Title: =============== Magento Connect T1 - Claim Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1469 Release Date: ============= 2018-01-08 Vulnerability Laboratory ID VL-ID: ==================================== 1469...

Taxi Booking Script 1.0 Cross Site Scripting

Exploit Title: Taxi Booking Script v1.0 - Cross-site Scripting XSS Date: 11.01.2018 Vendor Homepage: https://www.phpjabbers.com/taxi-booking-script/ Software Link: Demo: http://demo.phpjabbers.com/1515648238792/index.php?controller=pjAdminUsers&action=pjActionIndex&err=AU01 Version: 1.0 Category:...

Piwigo v2.8.2 & 2.9.1 CMS - Multiple Cross Site Vulnerabilities

Document Title: =============== Piwigo v2.8.2 & 2.9.1 CMS - Multiple Cross Site Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2005 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5692 CVE-ID: ======= CVE-2018-5692 Release Date...

SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability

Document Title: =============== SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1819 Release Notes:...

Taxi Booking Script 1.0 - Cross-site Scripting

Exploit Title: Taxi Booking Script v1.0 - Cross-site Scripting XSS Date: 11.01.2018 Vendor Homepage: https://www.phpjabbers.com/taxi-booking-script/ Software Link: Demo: http://demo.phpjabbers.com/1515648238792/index.php?controller=pjAdminUsers&action=pjActionIndex&err=AU01 Version: 1.0 Category:...

Xnami 1.0 - Cross-Site Scripting

Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Date: 11-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID: CVE-2018-5370 Xnami facilitates the...

Piwigo v2.8.2 & 2.9.1 CMS - Multiple Cross Site Vulnerabilities

Document Title: =============== Piwigo v2.8.2 & 2.9.1 CMS - Multiple Cross Site Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2005 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5692 CVE-ID: ======= CVE-2018-5692 Release Date...

SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability

Document Title: =============== SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1819 Release Notes:...

Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access(CVE-2017-18014)

Vulnerability Summary The following advisory describes an unauthenticated persistent XSS that leads to unauthorized root access found in Sophos XG version 17. Sophos XG Firewall “provides unprecedented visibility into your network, users, and applications directly from the all-new control center...

Joomla! Easydiscuss Cross Site Scripting

Exploit Title: Joomla Plugin Easydiscuss inside the body, everything after the will be executed in the useras browser. Works with every version up to 4.0.20 2. Proof of Concept Login with permissions to post a message, insert in the body and add any html code after that, whenever a user tries to...

Cross site scripting

Multiple persistent stored Cross-Site-Scripting XSS vulnerabilities in the files /wb/admin/admintools/tool.php Droplet Description and /install/index.php Site Title in WebsiteBaker 2.10.0 allow attackers to insert persistent JavaScript code that gets reflected back to users in multiple areas in t...

WordPress Social Media Widget by Acurax 3.2.5 Plugin - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Social Media Widget by Acurax CSRF Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://www.acurax.com/ Software Link:...