7660 matches found
CVE-2019-17532
An issue was discovered on Belkin Wemo Switch 28B WW2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service persistent rules-processing outage via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption...
Default credentials
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0...
Design/Logic Flaw
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0...
Intelbras Router WRN150 1.0.18 Cross Site Scripting
Exploit Title: Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting Date: 2019-10-03 Exploit Author: Prof. Joas Antonio Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://en.intelbras.com.br/node/25896 Version: 1.0.18 Tested on: Windows CVE : CVE-2019–17411 PoC 1:...
Cross-Site Scripting (XSS) in script src
Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Cross Site Scripting XSS allows clients to inject scripts into a request and have th...
Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting
Exploit Title: Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting Date: 2019-10-03 Exploit Author: Prof. Joas Antonio Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://en.intelbras.com.br/node/25896 Version: 1.0.18 Tested on: Windows CVE : CVE-2019–17411 PoC 1:...
CVE-2019-17427
In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors...
CVE-2019-17427
In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors...
CVE-2019-17427
In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors...
UBUNTU-CVE-2019-17427
In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors...
Persistence – Screensaver
Screensavers are part of Windows functionality and enable users to put a screen message or a graphic animation after a period of inactivity. This feature of Windows it is known to be abused by threat actors as a method of persistence. This is because screensavers are executable files that have th...
thesystem 1.0 Cross Site Scripting
Exploit Title: thesystem Persistent XSS Author: Anıl Baran Yelken Discovery Date: 2019-09-28 Vendor Homepage: https://github.com/kostasmitroglou/thesystem Software Link: https://github.com/kostasmitroglou/thesystem Tested Version: 1.0 Tested on OS: Windows 10 CVE: N/A Type: Webapps Description:...
thesystem 1.0 - Cross-Site Scripting
thesystem 1.0 - Cross-Site Scripting Exploit Title: thesystem Persistent XSS Author: Anıl Baran Yelken Discovery Date: 2019-09-28 Vendor Homepage: https://github.com/kostasmitroglou/thesystem Software Link: https://github.com/kostasmitroglou/thesystem Tested Version: 1.0 Tested on OS: Windows 10...
InoERP 0.7.2 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: InoERP 0.7.2 - Persistent Cross-Site Scripting Google Dork: None Exploit Author: strider Vendor: http://inoideas.org/ Software Link: https://github.com/inoerp/inoERP Version: 0.7.2 Tested on: Debian 10 Buster x64 / Kali Linux CV...
thesystem 1.0 - Cross-Site Scripting
Exploit Title: thesystem Persistent XSS Author: Anıl Baran Yelken Discovery Date: 2019-09-28 Vendor Homepage: https://github.com/kostasmitroglou/thesystem Software Link: https://github.com/kostasmitroglou/thesystem Tested Version: 1.0 Tested on OS: Windows 10 CVE: N/A Type: Webapps Description:...
WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting
WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Exploit Title: WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/themes/zoner/ Date: 2019-09-24 Exploit Author: m0ze Vendor Homepage: https://fruitfulcode.com/ Software...
InoERP 0.7.2 - Persistent Cross-Site Scripting
InoERP 0.7.2 - Persistent Cross-Site Scripting Exploit Title: InoERP 0.7.2 - Persistent Cross-Site Scripting Google Dork: None Date: 2019-09-14 Exploit Author: strider Vendor: http://inoideas.org/ Software Link: https://github.com/inoerp/inoERP Version: 0.7.2 Tested on: Debian 10 Buster x64 / Kal...
Zoner < 4.2 - Persistent XSS & IDOR
----- Persistent XSS: ----- 'Address' input field on the 'Local information' block is vulnerable so you can use your payload to steal admin cookies or do some redirects etc. ----- IDOR: ----- POST request https://zoner.fruitfulcode.com/wp-admin/admin-ajax.php?action=deletepropertyactid=XXX=YYY...
thesystem App 1.0 Cross Site Scripting
Exploit Title: thesystem App 1.0 - Persistent Cross-Site Scripting Author: İsmail Güngör Discovery Date: 2019-09-26 Vendor Homepage: https://github.com/kostasmitroglou/thesystem Software Link: https://github.com/kostasmitroglou/thesystem Tested Version: 1.0 Tested on OS: Windows 10 CVE: N/A...
WordPress Zoner Real Estate Theme 4.1.1 Cross Site Scripting
Exploit Title: WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/themes/zoner/ Date: 2019-09-24 Exploit Author: m0ze Vendor Homepage: https://fruitfulcode.com/ Software Link:...