CVE-2020-5205
CVE-2020-5205 affects Pow (Hex package) prior to 1.0.16 in Pow.Plug.Session when a persistent session store (e.g., Redis or database) is used. The vulnerability enables session fixation attacks due to how Plug.Session handles the session across persistent stores; cookie store usage (common in Pho...
Cisco NX-OS Software Secure Configuration Bypass (cisco-sa-20190515-nxos-conf-bypass)
According to its self-reported version, Cisco NX-OS Software is affected by a configuration bypass vulnerability due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An authenticated, local attacker can exploit this, by...
TownHub < 1.0.6 - Multiple Vulnerabilities
Multiple vulnerabilities were discovered in the 'TownHub - Directory & Listing WordPress Theme', tested version v1.0.2: - Unauthenticated XSS - Authenticated Persistent XSS - IDOR Edit WPScanTeam: December 27th, 2019 - Envato Contacted January 5th, 2020 - Envato Investigating January 6th, 2020 -...
CityBook < 2.3.4 - Multiple Vulnerabilities
Multiple vulnerabilities were discovered in the 'CityBook - Directory & Listing WordPress Theme', tested version v2.3.3: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR Edit WPScanTeam: December 27th, 2019 - Envato Contacted January 6th, 2020 - Envato Investigating January...
Codoforum 4.8.3 - (input_txt) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Exploit Author: Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link: https://codoforum.com/buy Version: Codofor...
Codoforum 4.8.3 - input_txt Persistent Cross-Site Scripting
Codoforum 4.8.3 - input_txt Persistent Cross-Site Scripting Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Date: 2020-01-07 Exploit Author: Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link:...
Codoforum 4.8.3 - 'input_txt' Persistent Cross-Site Scripting
Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Date: 2020-01-07 Exploit Author: Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link: https://codoforum.com/buy Version: Codoforum 4.8.3 Tested on: Linux CVE : N/A...
Tricky Phish Angles for Persistence, Not Passwords
Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user's data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file...
CVE-2013-5638
Transcend WiFiSD 1.8 has persistent XSS...
CVE-2013-5637
PQI AirCard has persistent XSS...
Cross site scripting
PQI AirCard has persistent XSS...
CVE-2013-5638
The CVE-2013-5638 entry concerns Transcend WiFiSD 1.8, where a persistent cross-site scripting (XSS) vulnerability exists in the web application. The root cause is described as lack of proper validation of client-side data by the WEB application, enabling an attacker to execute client-side code. ...
CVE-2013-5637
CVE-2013-5637 affects PQI AirCard with a persistent cross-site scripting (XSS) vulnerability. Multiple connected sources describe an XSS flaw arising from insufficient validation of client-side data, enabling attacker-controlled input to be reflected or stored in a web context. CVSS data indicate...
Dairy Farm Shop Management System 1.0 Cross Site Scripting
Exploit Title: Dairy Farm Shop Management System v1.0 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-01-03 Exploit Author: Chris Inzinga Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql/ Version: v1...
CVE-2020-5191
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities...
Cross site scripting
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities...