Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability

A vulnerability in the HTTP framework of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against an affected device. The vulnerability is due to insufficient filtering of output data. An attacker could exploit this...

phpATM 1.32 - Multiple Vulnerabilities

!-- Exploit Title : "phpATM = 1.32 Multiple CSRF Vulnerabilities & Full Path Disclosure Vulnerability" Date : 17/06/2016 Author : Paolo Massenio - pmassenioATgmail Vendor : phpATM - http://phpatm.org/ Version : = 1.32 Tested on : Windows 10 with XAMPP 1 CSRF in configure.php phpATM lets the...

Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting

Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting Exploit Title: Ultrabenosaurus ChatBoard - Stored XSS Date: 2016-06-14 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ultrabenosaurus.ninja/ Software Link:...

Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting

Exploit for php platform in category web applications Exploit Title: Ultrabenosaurus ChatBoard - Stored XSS Date: 2016-06-14 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ultrabenosaurus.ninja/ Software Link:...

Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting

Exploit Title: Ultrabenosaurus ChatBoard - Stored XSS Date: 2016-06-14 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ultrabenosaurus.ninja/ Software Link: https://github.com/Ultrabenosaurus/ChatBoard/archive/master.zip Tested on: Debian wheezy Vulnerability...

CVE-2016-2822

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu...

FRticket Ticket System - Persistent Cross-Site Scripting

FRticket Ticket System - Persistent Cross-Site Scripting Exploit Title: FRticket - Ticket System - Stored XSS Google Dork: if applicable Date: 11.06.2016 Exploit Author: Hamit ABİŞ Vendor Homepage: http://codecanyon.net/item/frticket-ticket-system/16539836 Version: v1 About Get the world’s most...

FRticket Ticket System - Persistent Cross-Site Scripting

Exploit for php platform in category web applications Exploit Title: FRticket - Ticket System - Stored XSS Google Dork: if applicable Date: 11.06.2016 Exploit Author: Hamit ABİŞ Vendor Homepage: http://codecanyon.net/item/frticket-ticket-system/16539836 Version: v1 About Get the world’s most...

FRticket Ticket System - Persistent Cross-Site Scripting

Exploit Title: FRticket - Ticket System - Stored XSS Google Dork: if applicable Date: 11.06.2016 Exploit Author: Hamit ABİŞ Vendor Homepage: http://codecanyon.net/item/frticket-ticket-system/16539836 Version: v1 About Get the world’s most popular customer support ticket system. FRticket is...

phpMyFAQ 2.9.0 - Persistent Cross-Site Scripting

phpMyFAQ 2.9.0 - Persistent Cross-Site Scripting Exploit Title: phpMyFAQ 2.9.0 Stored XSS Date: 09-06-2016 Software Link: http://www.phpmyfaq.de/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description PHP...

Mozilla: Addressbar spoofing though the SELECT element (MFSA 2016-52)

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu...

CVE-2016-2822

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu...

Mapbox Filter Bypass / Script Insertion

Document Title: =============== Mapbox API - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1787 ID: 119802 Release Date: ============= 2016-06-06 Vulnerability Laboratory ID VL-ID:...

FreeBSD : mozilla -- multiple vulnerabilities (8065d37b-8e7c-4707-a608-1b0a2b8509c3)

Mozilla Foundation reports : MFSA 2016-49 Miscellaneous memory safety hazards rv:47.0 / rv:45.2 MFSA 2016-50 Buffer overflow parsing HTML5 fragments MFSA 2016-51 Use-after-free deleting tables from a contenteditable document MFSA 2016-52 Addressbar spoofing though the SELECT element MFSA 2016-54...

UBUNTU-CVE-2016-2822

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu...

Entering fullscreen and persistent pointerlock without user permission — Mozilla

Security researcher sushi Anton Larsson reported that when paired fullscreen and pointerlock requests are done in combination with closing windows, a pointerlock can be created within a fullscreen window without user permission. This pointerlock cannot then be cancelled without terminating the...

Mapbox (API) - Filter Bypass & Persistent Vulnerability

Document Title: =============== Mapbox API - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1787 ID: 119802 Release Date: ============= 2016-06-06 Vulnerability Laboratory ID VL-ID:...

Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability

Document Title: =============== Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1855 Release Date: ============= 2016-06-06 Vulnerability Laboratory ID VL-ID: ====================================...

Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability

Document Title: =============== Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1855 Release Date: ============= 2016-06-05 Vulnerability Laboratory ID VL-ID: ====================================...

Mapbox (API) - Filter Bypass & Persistent Vulnerability

Document Title: =============== Mapbox API - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1787 ID: 119802 Release Date: ============= 2016-06-05 Vulnerability Laboratory ID VL-ID:...