7638 matches found
Microsoft Office 365 Outlook - Persistent Vulnerability
Document Title: =============== Microsoft Office 365 Outlook - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=857 Microsoft Security Response Center MSRC ID: 14093 Microsoft Security Response Center MSRC MANAGER: JT Release Date...
Khan Academy: Persistent class XSS [the fuck]
Hi, I created a class called : " and it actually worked 0.0. It worked here for me : https://www.khanacademy.org/coach/reports/grid?force=1 Best regards, Olivier Beg...
Khan Academy: Stored XSS {dangerous?} https://www.khanacademy.org/coach/roster/?listId=allStudents
Hi, when you go to https://www.khanacademy.org/coach/roster/?listId=allStudents and press on add class you have the possebility to add a class obvious. when you name it " it will stay persistent. quite dangerous Best regards, Olivier Beg...
Vulnerability in World Largest Video Site Turned Million of Visitors into DDoS Zombies
An application layer or 'layer 7' distributed denial of service DDoS attacks is one of the most complicated web attack that disguised to look like legitimate traffic but targets specific areas of a website, making it even more difficult to detect and mitigate. Just Yesterday Cloud-based security...
Kyocera FS5250 Cross Site Scripting
Found the below on a printer a couple of years ago, sent to Kyocera but never heard anything back... Changing the 'Ready' message on a printer is quite a well known prank And much fun was had with this yesterday! but also an interesting avenue for injecting XSS, as the Kyocera printer management...
Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability
Document Title: =============== Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1249 Release Date: ============= 2014-04-01 Vulnerability Laboratory ID VL-ID: ===================================...
Barracuda Message Archiver 650 - Persistent Web Vulnerability
Document Title: =============== Barracuda Message Archiver 650 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=751 Barracuda Networks Security ID BNSEC: 703 Release Date: ============= 2014-02-18 Vulnerability Laboratory ID...
Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities
Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities Document Title: =============== Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=119...
Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting
Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting Persistent XSS in Joomla::Kunena 3.0.4 26. February 2014 by Qoppa +++ Description "Kunena is the leading Joomla forum component. Downloaded more than 3,750,000 times in nearly 6 years." Kunena is written in PHP. Users can post a...
GetSimple CMS 3.3.1 - Persistent Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: etSimple CMS v3.3.1 Persistent Cross Site Scripting Google Dork: N/A Date: 24-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://get-simple.info/ Software Link: http://get-simple.info/download/ Version: v3.3.1...
Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting
Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting Exploit Title: etSimple CMS v3.3.1 Persistent Cross Site Scripting Google Dork: N/A Date: 24-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://get-simple.info/ Software Link: http://get-simple.info/download/ Version: v3.3.1...
Dell SonicWall EMail Security 7.4.5 - Multiple Vulnerabilities
Document Title: =============== Dell SonicWall EMail Security 7.4.5 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1191 Dell SonicWall Security Bulletin:...
Phabricator: Persistent XSS: Editor link
The editor link used for external applications allows scheme other than http: or https:. Although the phutiltag function checks whether the scheme is javascript: to prevent XSS attacks see GitHub, it is straightforward to bypass this check by adding a whitespace character in between javascript an...
Ubee EVW3200 Cross Site Scripting
Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link: http://www.ubeeinteractive.com/products/cable?fieldproductcatetorytid=20 Version: All Tested...
Ubee EVW3200 - Multiple Persistent Cross Site Scripting Vulnerability
Ubee EVW3200 suffers from multiple persistent cross site scripting vulnerabilities. Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link:...
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link:...
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link: http://www.ubeeinteractive.com/products/cable?fieldproductcatetorytid=20 Version: All Tested...
Ilch CMS 2.0 - Persistent XSS Vulnerability
Ilch CMS version 2.0 suffers from a cross site scripting vulnerability. Product: Ilch CMS Vendor: http://ilch.de Vulnerable Versions: 2.0 and probably prior Tested Version: 2.0 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Public...
ClickDesk 4.3 Cross Site Scripting
ClickDesk Multiple Persistent XSS Details ======================================================================================== Product: ClickDesk a cross platform live chat and support plugin Security-Risk: High Remote-Exploit: yes Vendor-URL: https://www.clickdesk.com/ Advisory-Status:...
SpagoBI 4.0 - Persistent HTML Script Insertion
Exploit for php platform in category web applications SpagoBI1 is an Open Source Business Intelligence suite, belonging to the free/open source SpagoWorld initiative, founded and supported by Engineering Group2. It offers a large range of analytical functions, a highly functional semantic layer...