Lucene search
K

7660 matches found

CVE
CVE
added 2020/01/09 2:5 a.m.98 views

CVE-2020-5205

CVE-2020-5205 affects Pow (Hex package) prior to 1.0.16 in Pow.Plug.Session when a persistent session store (e.g., Redis or database) is used. The vulnerability enables session fixation attacks due to how Plug.Session handles the session across persistent stores; cookie store usage (common in Pho...

6.5CVSS5.5AI score0.0077EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/01/09 12:0 a.m.52 views

Cisco NX-OS Software Secure Configuration Bypass (cisco-sa-20190515-nxos-conf-bypass)

According to its self-reported version, Cisco NX-OS Software is affected by a configuration bypass vulnerability due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An authenticated, local attacker can exploit this, by...

7.2CVSS6.6AI score0.00251EPSS
Exploits0References8
wpexploit
wpexploit
added 2020/01/09 12:0 a.m.67 views

TownHub < 1.0.6 - Multiple Vulnerabilities

Multiple vulnerabilities was discovered in the 'TownHub - Directory & Listing WordPress Theme', tested version — v1.0.2: - Unauthenticated XSS - Authenticated Persistent XSS - IDOR Edit WPScanTeam: December 27h, 2019 - Envato Contacted January 5th, 2020 - Envato Investigating January 6th, 2020 -...

6.4CVSS6.5AI score0.0317EPSS
Exploits7References1
wpexploit
wpexploit
added 2020/01/09 12:0 a.m.45 views

CityBook < 2.3.4 - Multiple Vulnerabilities

Multiple vulnerabilities was discovered in the 'CityBook - Directory & Listing WordPress Theme', tested version — v2.3.3: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR Edit WPScanTeam: December 27h, 2019 - Envato Contacted January 6th, 2020 - Envato Investigating January...

6.4CVSS6.5AI score0.0317EPSS
Exploits7References1
0day.today
0day.today
added 2020/01/08 12:0 a.m.79 views

Codoforum 4.8.3 - (input_txt) Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Exploit Author: Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link: https://codoforum.com/buy Version: Codofor...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2020/01/08 12:0 a.m.69 views

Codoforum 4.8.3 - input_txt Persistent Cross-Site Scripting

Codoforum 4.8.3 - inputtxt Persistent Cross-Site Scripting Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Date: 2020-01-07 Exploit Author: Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link:...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/08 12:0 a.m.116 views

Codoforum 4.8.3 - &#039;input_txt&#039; Persistent Cross-Site Scripting

Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Date: 2020-01-07 Exploit Author: Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link: https://codoforum.com/buy Version: Codoforum 4.8.3 Tested on: Linux CVE : N/A...

7.4AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/01/07 9:35 p.m.65 views

Tricky Phish Angles for Persistence, Not Passwords

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user's data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file...

6.8AI score
Exploits0
NVD
NVD
added 2020/01/07 5:15 p.m.12 views

CVE-2013-5638

Transcend WiFiSD 1.8 has persistent XSS...

5.4CVSS5.3AI score0.00575EPSS
Exploits1References2
NVD
NVD
added 2020/01/07 5:15 p.m.7 views

CVE-2013-5637

PQI AirCard has persistent XSS...

5.4CVSS5.3AI score0.00486EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2020/01/07 5:15 p.m.2 views

CVE-2013-5638

Transcend WiFiSD 1.8 has persistent XSS...

5.4CVSS5.4AI score0.00575EPSS
Exploits1References4
Prion
Prion
added 2020/01/07 5:15 p.m.9 views

Cross site scripting

PQI AirCard has persistent XSS...

3.5CVSS6.3AI score0.00486EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/01/07 4:31 p.m.13 views

CVE-2013-5638

Transcend WiFiSD 1.8 has persistent XSS...

5.3AI score0.00575EPSS
Exploits1References2
CVE
CVE
added 2020/01/07 4:31 p.m.48 views

CVE-2013-5638

The CVE-2013-5638 entry concerns Transcend WiFiSD 1.8, where a persistent cross-site scripting (XSS) vulnerability exists in the web application. The root cause is described as lack of proper validation of client-side data by the WEB application, enabling an attacker to execute client-side code. ...

5.4CVSS5.3AI score0.00575EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/01/07 4:27 p.m.52 views

CVE-2013-5637

CVE-2013-5637 affects PQI AirCard with a persistent cross-site scripting (XSS) vulnerability. Multiple connected sources describe an XSS flaw arising from insufficient validation of client-side data, enabling attacker-controlled input to be reflected or stored in a web context. CVSS data indicate...

5.4CVSS5.3AI score0.00486EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/01/07 4:27 p.m.14 views

CVE-2013-5637

PQI AirCard has persistent XSS...

5.3AI score0.00486EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2020/01/07 12:0 a.m.166 views

Dairy Farm Shop Management System 1.0 Cross Site Scripting

Exploit Title: Dairy Farm Shop Management System v1.0 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-01-03 Exploit Author: Chris Inzinga Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql/ Version: v1...

6.7AI score0.01325EPSS
Exploits2
NVD
NVD
added 2020/01/06 1:15 a.m.25 views

CVE-2020-5191

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities...

6.1CVSS6.2AI score0.0552EPSS
Exploits3References2
Prion
Prion
added 2020/01/06 1:15 a.m.20 views

Cross site scripting

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities...

4.3CVSS6.1AI score0.0552EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2020/01/06 12:58 a.m.21 views

CVE-2020-5191

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities...

6.2AI score0.0552EPSS
Exploits3References2
Rows per page
Query Builder