7647 matches found
Atmail 7.1.1 PRO Cross Site Scripting
============================================================================ | Title : Atmail v7.1.1 PRO XSS Vulnerability | | Author : indoushka | | email : [email protected] | | Tested on : windows 10 FranASSais V.Pro | | Version : v7.1.1 | | Vendor : www.p30vel.ir | | Dork : Powered by...
Adobe CreativeCloud (Webform) - Persistent Vulnerability
Document Title: =============== Adobe CreativeCloud Webform - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1848 Release Date: ============= 2018-01-04 Vulnerability Laboratory ID VL-ID: ==================================== 184...
Adobe CreativeCloud (Webform) - Persistent Vulnerability
Document Title: =============== Adobe CreativeCloud Webform - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1848 Release Date: ============= 2018-01-04 Vulnerability Laboratory ID VL-ID: ==================================== 184...
Paragon Initiative Enterprises: Airship: Persistent XSS via Comment
Affected: Airship 2.0.0 commit 15bdc0d CVSS ---- Medium 6.1 https://www.first.org/cvss/calculator/3.0CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Description ----------- The "name" field of a comment on a blog post is vulnerable to persistent XSS. When replying to a comment, the comment name is...
Excerpts from Preparing for NGAV at Scale: Challenges and Approaches
Carbon Black recently published a guide to help enterprises gauge their readiness in their initial search for next-generation antivirus, or NGAV; this is the first excerpt from that guide, which you can find here. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, help...
CVE-2017-17826
The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via the gallerytitle parameter in an admin.php?page=configuration§ion=main request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
CVE-2017-17826
The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via the gallerytitle parameter in an admin.php?page=configuration§ion=main request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
CVE-2017-17826
The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via the gallerytitle parameter in an admin.php?page=configuration§ion=main request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
Cross site scripting
The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via the gallerytitle parameter in an admin.php?page=configuration§ion=main request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
CVE-2017-17825
The Batch Manager component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via tags- array parameters in an admin.php?page=batchmanager&mode=unit request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
CVE-2017-17825
The CVE-2017-17825 entry affects Piwigo 2.9.2, specifically the Batch Manager component. The vulnerability is a Persistent Cross-Site Scripting (stored XSS) triggered by tags-* array parameters in the admin.php?page=batch_manager&mode=unit request, which can allow an attacker to hijack a user’s b...
CVE-2017-17825
The Batch Manager component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via tags- array parameters in an admin.php?page=batchmanager&mode=unit request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
CVE-2017-17826
The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via the gallerytitle parameter in an admin.php?page=configuration§ion=main request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
CVE-2017-5256
In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and those fields are vulnerable to persistent cross-site scripting XSS injection...
Tech support scammers make browser lockers more resilient
Tech support scammers have been relying on fraudulent pop-ups for many years in order to scare potential victims into calling for remote assistance. These so-called browser lockers or browlocks typically originate from malicious ads malvertising that can appear on any website, including trusted...
Ability Mail Server 3.3.2 - Cross-Site Scripting Exploit
Exploit for multiple platform in category web applications Exploit Title: Ability Mail Server 3.3.2 Persistent Cross Site Scripting XSS CVE: CVE-2017-17752 Date: 19-12-2017 Software Link: http://download.codecrafters.com/ams3.exe Exploit Author: Aloyce J. Makalanga Contact:...
Ability Mail Server 3.3.2 - Cross-Site Scripting
Ability Mail Server 3.3.2 - Cross-Site Scripting Exploit Title: Ability Mail Server 3.3.2 Persistent Cross Site Scripting XSS CVE: CVE-2017-17752 Date: 19-12-2017 Software Link: http://download.codecrafters.com/ams3.exe Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr...
Ability Mail Server 3.3.2 - Cross-Site Scripting
Exploit Title: Ability Mail Server 3.3.2 Persistent Cross Site Scripting XSS CVE: CVE-2017-17752 Date: 19-12-2017 Software Link: http://download.codecrafters.com/ams3.exe Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr Vendor Homepage: http://www.codecrafters.com...
Security vulnerabilities fixed in Firefox ESR 52.5.2 — Mozilla
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects...
FS IMDB Clone - XSS REFLECTED/PERSISTENT Vulnerabilties
Exploit for php platform in category web applications Exploit Title: FS IMDB Clone - XSS REFLECTED/PERSISTENT Exploit Author: Dan° Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/imdb-clone/ Version: 2017-12-06 Tested on: Kali Linux 2.0 PAYLOAD...