7660 matches found
CVE-2019-19642
On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or...
Online Inventory Manager 3.2 - Persistent Cross-Site Scripting
Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link :...
Online Inventory Manager 3.2 Cross Site Scripting
Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link : https://bigprof.com/appgini/applications/online-inventory-manager Software : Online Inventory Manager Version : 3....
ListingPro < 2.0.14.5 - Reflected & Persistent Cross-Site Scripting
Reflected & Persistent XSS was discovered in the 'ListingPro - WordPress Directory Theme'. Current version is 2.0.14.2 August 9th 2019. Edit WPScanTeam: November 29th, 2019 - Envato Informed November 29th, 2019 - Envato Investigating December 4th, 2019 - v2.0.14.3 Released, fixing the reflected X...
ListingPro < 2.0.14.5 - Reflected & Persistent Cross-Site Scripting
Reflected & Persistent XSS was discovered in the 'ListingPro - WordPress Directory Theme'. Current version is 2.0.14.2 August 9th 2019. Edit WPScanTeam: November 29th, 2019 - Envato Informed November 29th, 2019 - Envato Investigating December 4th, 2019 - v2.0.14.3 Released, fixing the reflected X...
Online Inventory Manager 3.2 - Persistent Cross-Site Scripting
Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link : https://bigprof.com/appgini/applications/online-inventory-manager Software : Online Inventory Manager Version : 3....
CVE-2019-13936
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a persistent XSS vulnerability. This issue affects: Siemens AG Polarion All versions 19.2...
Skype v8.x - History Export v7 Web Vulnerability
Document Title: =============== Skype v8.x - History Export v7 Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2187 Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2019/08/11/skype MSRC: VULN-007910 Release Date:...
Skype v8.x - History Export v7 Web Vulnerability
Document Title: =============== Skype v8.x - History Export v7 Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2187 Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2019/08/11/skype MSRC: VULN-007910 Release Date:...
TestLink 1.9.19 - Persistent Cross-Site Scripting
TestLink 1.9.19 - Persistent Cross-Site Scripting Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========...
TestLink 1.9.19 - Persistent Cross-Site Scripting
Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========= Persistent --...
Cross site scripting
A persistent cross-site scripting XSS vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML...
TemaTres 3.0 - (value) Persistent Cross-site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: TemaTres 3.0 - 'value' Persistent Cross-site Scripting Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source:...
TemaTres 3.0 - 'value' Persistent Cross-site Scripting
Exploit Title: TemaTres 3.0 - 'value' Persistent Cross-site Scripting Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source: https://sourceforge.net/projects/tematres/files/TemaTres%203.0/tematres3.0.zip/download Version: 3.0 CVE : 2019–14343 Reference:...
Prima Access Control 2.3.35 - (HwName) Persistent Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting
Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting
Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version:...
html5_snmp 1.11 - (Remark) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: html5snmp 1.11 - 'Remark' Persistent Cross-Site Scripting Exploit Author: Cakes Vendor Homepage: https://github.com/lolypop55/html5snmp Software Link: https://github.com/lolypop55/html5snmp.git Version: 1.11 Tested on: CentOS 7...
thrsrossi Millhouse-Project 1.414 - (content) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: thrsrossi Millhouse-Project 1.414 - 'content' Persistent Cross-Site Scripting Exploit Author: Cakes Vendor Homepage: https://github.com/thrsrossi/Millhouse-Project Software Link: https://github.com/thrsrossi/Millhouse-Project.gi...
thrsrossi Millhouse-Project 1.414 Cross Site Scripting
Exploit Title: thrsrossi Millhouse-Project 1.414 - 'content' Persistent Cross-Site Scripting Date: 2019-11-01 Exploit Author: Cakes Vendor Homepage: https://github.com/thrsrossi/Millhouse-Project Software Link: https://github.com/thrsrossi/Millhouse-Project.git Version: 1.414 Tested on: CentOS 7...