Lucene search
K

7660 matches found

exploitpack
exploitpack
added 2019/11/05 12:0 a.m.28 views

thrsrossi Millhouse-Project 1.414 - content Persistent Cross-Site Scripting

thrsrossi Millhouse-Project 1.414 - content Persistent Cross-Site Scripting Exploit Title: thrsrossi Millhouse-Project 1.414 - 'content' Persistent Cross-Site Scripting Date: 2019-11-01 Exploit Author: Cakes Vendor Homepage: https://github.com/thrsrossi/Millhouse-Project Software Link:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/05 12:0 a.m.214 views

html5_snmp 1.11 Cross Site Scripting

Exploit Title: html5snmp 1.11 - 'Remark' Persistent Cross-Site Scripting Date: 2019-11-01 Exploit Author: Cakes Vendor Homepage: https://github.com/lolypop55/html5snmp Software Link: https://github.com/lolypop55/html5snmp.git Version: 1.11 Tested on: CentOS 7 CVE: N/A PoC POST...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/11/05 12:0 a.m.15 views

html5_snmp 1.11 - Remark Persistent Cross-Site Scripting

html5snmp 1.11 - Remark Persistent Cross-Site Scripting Exploit Title: html5snmp 1.11 - 'Remark' Persistent Cross-Site Scripting Date: 2019-11-01 Exploit Author: Cakes Vendor Homepage: https://github.com/lolypop55/html5snmp Software Link: https://github.com/lolypop55/html5snmp.git Version: 1.11...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/05 12:0 a.m.194 views

thrsrossi Millhouse-Project 1.414 - 'content' Persistent Cross-Site Scripting

Exploit Title: thrsrossi Millhouse-Project 1.414 - 'content' Persistent Cross-Site Scripting Date: 2019-11-01 Exploit Author: Cakes Vendor Homepage: https://github.com/thrsrossi/Millhouse-Project Software Link: https://github.com/thrsrossi/Millhouse-Project.git Version: 1.414 Tested on: CentOS 7...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/05 12:0 a.m.235 views

html5_snmp 1.11 - 'Remark' Persistent Cross-Site Scripting

Exploit Title: html5snmp 1.11 - 'Remark' Persistent Cross-Site Scripting Date: 2019-11-01 Exploit Author: Cakes Vendor Homepage: https://github.com/lolypop55/html5snmp Software Link: https://github.com/lolypop55/html5snmp.git Version: 1.11 Tested on: CentOS 7 CVE: N/A PoC POST...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2019/10/30 12:58 p.m.53 views

Android Malware Plaguing 45K Devices Remains a Mystery

Researchers are on the hunt for the infection vector behind a mysterious mobile malware that has infected over 45,000 Android devices in the past six months. Researchers said they have detected a surge in detections of the malware, dubbed Xhelper, which can hide itself from users, download...

0.3AI score
Exploits0References7
Kitploit
Kitploit
added 2019/10/26 8:49 p.m.138 views

Tails 4.0 - Live System to Preserve Your Privacy and Anonymity

Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used fr...

7.5AI score
Exploits0References1
CNVD
CNVD
added 2019/10/25 12:0 a.m.3 views

Memory leak vulnerability in multiple Huawei products (CNVD-2019-38501)

The Huawei AR1200, among others, is an enterprise router from Huawei, a Chinese company. A memory leak vulnerability exists in multiple Huawei products. A remote attacker could exploit the vulnerability by sending a persistent message to cause a service exception...

6.5CVSS6.8AI score0.00872EPSS
Exploits0References1
Prion
Prion
added 2019/10/17 5:15 p.m.14 views

Cross site scripting

In NCH Express Accounts Accounting v7.02, persistent cross site scripting XSS exists in Invoices/Sales Orders/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Sales Orders/Items/Customers/Quotes fields parameter to inject arbitrary JavaScript...

3.5CVSS5.2AI score0.00579EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/10/17 4:55 p.m.46 views

CVE-2019-16330

CVE-2019-16330 affects NCH Express Accounts Accounting v7.02, with a persistent XSS in Invoices/Sales Orders/Items/Customers/Quotes input fields. An authenticated unprivileged user can modify these fields to inject arbitrary JavaScript, enabling client-side script execution. Connected documents c...

5.4CVSS5.2AI score0.00579EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/10/17 4:55 p.m.17 views

CVE-2019-16330

In NCH Express Accounts Accounting v7.02, persistent cross site scripting XSS exists in Invoices/Sales Orders/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Sales Orders/Items/Customers/Quotes fields parameter to inject arbitrary JavaScript...

5.3AI score0.00579EPSS
Exploits1References1
exploitpack
exploitpack
added 2019/10/17 12:0 a.m.17 views

WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting

WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting Exploit Title: Wordpress Popup Builder 3.49 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\popupbuilder" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://popup-builder.com/ Software...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2019/10/17 12:0 a.m.232 views

WordPress Soliloquy Lite 2.5.6 Cross Site Scripting

Exploit Title: Wordpress Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\soliloquy-lite" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://soliloquywp.com/ Software Link: https://wordpress.org/plugins/soliloquy-lite/ Version: 2.5.6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.301 views

WordPress Plugin FooGallery 1.8.12 - Persistent Cross-Site Scripting

Exploit Title: Wordpress FooGallery 1.8.12 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\foogallery" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://foo.gallery/ Software Link: https://wordpress.org/plugins/foogallery/ Version: 1.8.12 Tested on: Kali...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.357 views

WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Popup Builder 3.49 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\popupbuilder" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://popup-builder.com/ Software Link: https://wordpress.org/plugins/popup-builder/ Version: 3.49 Tested...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.226 views

WordPress Plugin Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\soliloquy-lite" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://soliloquywp.com/ Software Link: https://wordpress.org/plugins/soliloquy-lite/ Version: 2.5.6...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/10/16 12:0 a.m.20 views

Accounts Accounting 7.02 - Persistent Cross-Site Scripting

Accounts Accounting 7.02 - Persistent Cross-Site Scripting Exploit Title: Express Accounts Accounting 7.02 - Persistent Cross-Site Scripting Exploit Author: Debashis Pal Date: 2019-10-16 Vendor Homepage: https://www.nchsoftware.com Source: https://www.nchsoftware.com/accounting/index.html Version...

6.8AI score
Exploits0
NVD
NVD
added 2019/10/14 6:15 p.m.14 views

CVE-2019-16282

In NCH Express Invoice v7.12, persistent cross site scripting XSS exists via the Invoices/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Items/Customers fields parameter to inject arbitrary JavaScript...

5.4CVSS5.3AI score0.00581EPSS
Exploits0References1
CVE
CVE
added 2019/10/14 5:2 p.m.79 views

CVE-2019-16282

CVE-2019-16282 affects NCH Express Invoice v7.12. The vulnerability is a persistent cross-site scripting (XSS) flaw exploitable via the Invoices/Items/Customers/Quotes input fields. An authenticated unprivileged user can modify parameters in these fields to inject arbitrary JavaScript. The issue ...

5.4CVSS5.3AI score0.00581EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.206 views

Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting

Exploit Title: Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting Exploit Author: Debashis Pal Date: 2019-10-13 Vendor Homepage: https://www.nchsoftware.com/ Source: https://www.nchsoftware.com/invoice/index.html Version: Express Invoice v7.12 CVE : N/A Tested on: Windows 7 SP132bi...

7.4AI score
Exploits0
Rows per page
Query Builder