WordPress Activity Log Plugin 2.3.1 - Persistent XSS

Because of this vulnerability, an attacker can inject malicious JavaScript code in to the application. Solution Upgrade the WordPress plugin to the newer stable and safe version...

WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS

Because of this vulnerability, an attacker can steal administrators session token or perform other arbitrary actions. Solution Update the WordPress plugin to the newer stable and safe version...

Fuzzing Windows Binaries: WinAFL

AFL is a popular fuzzing tool for coverage-guided fuzzing. The tool combines fast target execution with clever heuristics to find new execution paths in the target binary. It has been successfully used to find a large number of vulnerabilities in real products. For more info about the original...

XSS in newFileName Field

From an external report: quote Confluence recently has been tested and, as a result, we were able to verify the existence of at least one persistent XSS vulnerability. This vulnerability is present in the Edit Attachment feature — specifically in the newFileName field — accessible through the...

IBM BlueMix Cloud Script Insertion

Document Title: =============== IBM BlueMix Cloud - API Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1846 IBM Security Tracking ID: 5377-12593283 Release Date: ============= 2016-07-04 Vulnerability Laboratory ID VL-ID:...

IBM BlueMix Cloud - (API) Persistent Web Vulnerability

Document Title: =============== IBM BlueMix Cloud - API Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1846 IBM Security Tracking ID: 5377-12593283 Release Date: ============= 2016-07-04 Vulnerability Laboratory ID VL-ID:...

KWSPHP CMS v1.6.995 - Persistent Cross Site Vulnerability

Document Title: =============== KWSPHP CMS v1.6.995 - Persistent Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1867 Release Date: ============= 2016-07-01 Vulnerability Laboratory ID VL-ID: ====================================...

KWSPHP CMS v1.6.995 - Persistent Cross Site Vulnerability

Document Title: =============== KWSPHP CMS v1.6.995 - Persistent Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1867 Release Date: ============= 2016-06-30 Vulnerability Laboratory ID VL-ID: ====================================...

CodoForum 3.4 - Persistent Cross-Site Scripting

CodoForum 3.4 - Persistent Cross-Site Scripting Exploit Title: Codoforum v3.4 Stored Cross-Site Scripting Stored XSS Google Dork: intext:"powered by codoforum" Date: 01/06/2016 Exploit Author: Ahmed Sherif OffensiveBits Vendor Homepage: http://codologic.com/page/ Software Link:...

iBilling 3.7.0 - Persistent Cross-Site Scripting Reflected Cross-Site Scripting

iBilling 3.7.0 - Persistent Cross-Site Scripting Reflected Cross-Site Scripting iBilling v3.7.0 Multiple Stored and Reflected Cross Site Scripting Vulnerabilities Vendor: iBilling Product web page: http://www.ibilling.io/ Affected version: 3.7.0 Summary: The features you want, the simplicity you...

CodoForum 3.4 - Persistent Cross-Site Scripting

Exploit Title: Codoforum v3.4 Stored Cross-Site Scripting Stored XSS Google Dork: intext:"powered by codoforum" Date: 01/06/2016 Exploit Author: Ahmed Sherif OffensiveBits Vendor Homepage: http://codologic.com/page/ Software Link: http://codoforum.com/index.php Version: V3.4 Tested on: Linux Mint...

Radiant CMS 1.1.3 Cross Site Scripting

Exploit Title: Radiant CMS 1.1.3 - Mutiple Persistant XSS Vulnerabilities Exploit Author: David Silveiro Exploit Author Github: github.com/davidsilveiro Exploit Author Twitter: twitter.com/davidsilveiro Vendor Homepage: http://radiantcms.org/ Software Link: http://radiantcms.org/download/ Date:...

sNews CMS 1.7.1 CSRF / Cross Site Scripting / Code Execution

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SNEWS-RCE-CSRF-XSS.txt + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type: =================================== Persistent...

YetiForce CRM 3.1 - Persistent Cross-Site Scripting

YetiForce CRM 3.1 - Persistent Cross-Site Scripting Exploit Title: YetiForce CRM Accounts' select your prefered user, and then in the 'Comments' section input; Either refresh the current page, or navigate back to 'Accounts'...

Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting Vulnerabilities

Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting Vulnerabilities Exploit Title: Radiant CMS 1.1.3 - Mutiple Persistant XSS Vulnerabilities Exploit Author: David Silveiro Exploit Author Github: github.com/davidsilveiro Exploit Author Twitter: twitter.com/davidsilveiro Vendor Homepage:...

Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting

Exploit for ruby platform in category web applications Exploit Title: Radiant CMS 1.1.3 - Mutiple Persistant XSS Vulnerabilities Exploit Author: David Silveiro Exploit Author Github: github.com/davidsilveiro Exploit Author Twitter: twitter.com/davidsilveiro Vendor Homepage: http://radiantcms.org/...

YetiForce CRM < 3.1 - Persistent Cross-Site Scripting

Exploit for php platform in category web applications Exploit Title: YetiForce CRM Accounts' select your prefered user, and then in the 'Comments' section input; Either refresh the current page, or navigate back to 'Accounts' 0day.today 2018-03-28...

sNews CMS 1.7.1 - Multiple Vulnerabilities

Exploit for php platform in category web applications + Credits: hyp3rlinx + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type: =================================== Persistent Remote Command Execution Cross Site Request Forgeries CSR...

sNews CMS 1.7.1 - Multiple Vulnerabilities

sNews CMS 1.7.1 - Multiple Vulnerabilities + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SNEWS-RCE-CSRF-XSS.txt + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type:...

sNews CMS 1.7.1 - Multiple Vulnerabilities

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SNEWS-RCE-CSRF-XSS.txt + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type: =================================== Persistent...