LimeSurvey 4.1.11 - 'Survey Groups' Persistent Cross-Site Scripting
Exploit Title: LimeSurvey 4.1.11 - 'Survey Groups' Persistent Cross-Site Scripting Date: 2020-04-02 Exploit Author: Matthew Aberegg, Michael Burkey Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.1.11+200316 Tested on: Ubuntu 18.04.4 CVE : CVE-2020-11456 Vulnerability Details...
Self-Propagating Malware Targets Thousands of Docker Ports Per Day
The Docker cloud containerization technology is under fire, with an organized, self-propagating cryptomining campaign targeting misconfigured open Docker Daemon API ports. Thousands of container-compromise attempts are being observed every day as part of the campaign, according to Gal Singer, a...
Pandora FMS 7.0NG - 'net_tools.php' Remote Code Execution
Exploit Title: Pandora FMS 7.0NG - 'net_tools.php' Remote Code Execution Build: PC170324 - MR 0 Date: 2020-03-30 Exploit Author: Basim Alabdullah Vendor homepage: http://pandorafms.org/ Version: 7.0 Software link: https://pandorafms.org/features/free-download-monitoring-software/ Tested on: CentOS...
LeptonCMS 4.5.0 - Persistent Cross-Site Scripting
LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Exploit Title: LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2019-03-24 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://lepton-cms.org/english/home.php Software Link:...
UliCMS 2020.1 - Persistent Cross-Site Scripting
UliCMS 2020.1 - Persistent Cross-Site Scripting Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-03-24 Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows...
UliCMS 2020.1 Cross Site Scripting
Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-03-24 Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows CVE : N/A Vulnerability : Stored Cross-Site...
Wordpress WPForms 1.5.9 Plugin - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisor...
WordPress WPForms 1.5.9 Cross Site Scripting
Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...
UliCMS 2020.1 - Persistent Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows CVE : N/A Vulnerabilit...
UliCMS 2020.1 - Persistent Cross-Site Scripting
Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-03-24 Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows CVE : CVE-2020-12704 Vulnerability : Stored...
Microsoft Edge Shares Privacy-Busting Telemetry, Research Alleges
Microsoft Edge is one of the least private web browsers — even more so than other popular browsers like Google Chrome and Mozilla Firefox — according to academic researchers. According to the analysis, from Douglas Leith with the School of Computer Science and Statistics at Trinity College in...
CVE-2020-0546
Unquoted service path in Intel(R) Optane(TM) DC Persistent Memory Module Management Software before version 1.0.0.3461 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access...
Design/Logic Flaw
Unquoted service path in Intel(R) Optane(TM) DC Persistent Memory Module Management Software before version 1.0.0.3461 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access...
CVE-2020-0546
Unquoted service path in Intel(R) Optane(TM) DC Persistent Memory Module Management Software before version 1.0.0.3461 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access...
CVE-2020-0546
CVE-2020-0546 documents an unquoted service path in Intel Optane DC Persistent Memory Module Management Software prior to version 1.0.0.3461, potentially enabling local escalation of privilege and denial of service for authenticated users. Affects Intel Optane DC Persistent Memory Module Manageme...
Intel Optane DC Persistent Memory Module Management Software Authentication Error Vulnerability
Intel Graphics Drivers is an integrated graphics driver from Intel USA. A security vulnerability exists in versions prior to Intel Optane DC Persistent Memory Module Management Software 1.0.0.3461. A local attacker can exploit the vulnerability to elevate privileges...
CVE-2019-12444
An issue was discovered in GitLab Community and Enterprise Edition 8.9 through 11.11. Wiki Pages contained a lack of input validation which resulted in a persistent XSS vulnerability...
Cross site scripting
An issue was discovered in GitLab Enterprise Edition 11.7 through 11.11. The epic details page contained a lack of input validation and output encoding issue which resulted in a persistent XSS vulnerability on child epics...
CVE-2019-12444
An issue was discovered in GitLab Community and Enterprise Edition 8.9 through 11.11. Wiki Pages contained a lack of input validation which resulted in a persistent XSS vulnerability...
CVE-2019-12444
GitLab Wiki Pages input validation flaw in GitLab Community/Enterprise Edition 8.9–11.11 causes persistent XSS due to lack of input validation on Wiki pages. Root cause: unvalidated user input processed in Wiki rendering. Impacted components: Wiki Pages (GitLab web UI). Exploitation details are n...