WordPress Plugin Job Manager 0.7.22 - Persistent Cross-Site Scripting

Job Manager Persistent XSS Details ======================================================================================== Product: Job Manager Plugin For Wordpress Vendor-URL: www.wp-jobmanager.com CVE-ID: CVE-2015-2321 Credits...

Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)

Microweber v1.0.3 Stored XSS And CSRF Add Admin Exploit form action="http://localhost/microweber-latest/api/saveuser" method="POST...

Ebay Magento Bug Bounty #9 - Bypass & Persistent Vulnerability

Document Title: =============== Ebay Magento Bug Bounty 9 - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1443 EIBBP-31471 Release Date: ============= 2015-08-06 Vulnerability Laboratory ID VL-ID:...

WordPress Filedownload 1.4 Open Proxy

Title: Open Proxy in filedownload v1.4 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-11 Download Site: https://wordpress.org/plugins/filedownload/ Vendor: Peter Gross Vendor Notified: 2015-07-11 Vendor Contact: [email protected] Description: Creates a downloadlink with t...

Ebay Magento Bug Bounty #9 - Bypass & Persistent Vulnerability

Document Title: =============== Ebay Magento Bug Bounty 9 - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1443 EIBBP-31471 Release Date: ============= 2015-08-05 Vulnerability Laboratory ID VL-ID:...

D-Link DCS-2103 1.20 CSRF / Cross Site Scripting Vulnerabilities

Exploit for hardware platform in category web applications There are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities in D-Link DCS-2103 IP camera. ------------------------- Affected products: ------------------------- Vulnerable is the next model: D-Link DCS-2103, Firmware...

WordPress Job Manager 0.7.22 Cross Site Scripting

Job Manager Persistent XSS Details ======================================================================================== Product: Job Manager Plugin For Wordpress Vendor-URL: www.wp-jobmanager.com CVE-ID: CVE-2015-2321 Credits...

D-Link DCS-2103 1.20 CSRF / Cross Site Scripting

Hello list! There are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities in D-Link DCS-2103 IP camera. ------------------------- Affected products: ------------------------- Vulnerable is the next model: D-Link DCS-2103, Firmware 1.0.0. Version 1.20 and previous versions also mus...

Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting Information Leakage

Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting Information Leakage Exploit Title: Persistent XSS, Information Leakage IDS / IPS Google Dork: intitle: Persistent XSS, Information Leakage IDS / IPS Date: 2015-07-25 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor...

FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability

Document Title: =============== FoxyCart Bug Bounty 1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1451 098bdc9b309783df65044c5abb690dafdd4bcd436c380ae68c924fe37e14b4e0 Release Date: ============= 2015-07-15...

Apple iTunes & AppStore - Persistent Store Vulnerability

Document Title: =============== Apple iTunes & AppStore - Persistent Store Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1517 Video View: https://www.youtube.com/watch?v=iPvmrFgvpDQ Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1512 Releas...

Hawkeye-G 3.0.1.4912 Cross Site Scripting / Information Leakage

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...

Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting / Information Leakage

Exploit Title: Persistent XSS, Information Leakage IDS / IPS Google Dork: intitle: Persistent XSS, Information Leakage IDS / IPS Date: 2015-07-25 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.hexiscyber.com Software Link:...

Apple iTunes & AppStore - Persistent Store Vulnerability

Document Title: =============== Apple iTunes & AppStore - Persistent Store Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1517 Video View: https://www.youtube.com/watch?v=iPvmrFgvpDQ Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1512 Releas...

AdHocMate v1.0 iOS - Persistent Mail Encode Vulnerability

Document Title: =============== AdHocMate v1.0 iOS - Persistent Mail Encode Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1559 Release Date: ============= 2015-07-27 Vulnerability Laboratory ID VL-ID: ====================================...

AirDroid iOS Android Win 3.1.3 - Persistent

AirDroid iOS Android Win 3.1.3 - Persistent Document Title: =============== Airdroid iOS, Android & Win 3.1.3 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1543 Release Date: ============= 2015-07-20 Vulnerability Laboratory ...

AirDroid iOS / Android / Win 3.1.3 - Persistent

Document Title: =============== Airdroid iOS, Android & Win 3.1.3 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1543 Release Date: ============= 2015-07-20 Vulnerability Laboratory ID VL-ID: ==================================...

phpVibe < 4.20 - Persistent Cross-Site Scripting

phpVibe The vulnerability exists because the user input is not properly sanitized and this can lead to malicious code injection that will be executed on the target’s browser -- Proof of Concept -- 1. The attacker posts a new comment which contains our payload: " 2. The stored XSS can be triggered...

Airdroid iOS, Android & Win 3.1.3 - Persistent Vulnerability

Document Title: =============== Airdroid iOS, Android & Win 3.1.3 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1543 Release Date: ============= 2015-07-20 Vulnerability Laboratory ID VL-ID: ==================================...

Active Super Shop 1.0 Cross Site Scripting

Exploit Title:Active Super Shop Persistent XSS Date: Fri July 17 2015 Exploit Author: Angelo Ruwantha Vendor Homepage: http://activeitzone.com/ Version:1.0 Tested on: archlinux Vulnerabilitypersistent XSS ======================== contact form fields vulnerable to persistent xss. +Method:POST...