7660 matches found
InoERP 0.7.2 Cross Site Scripting
Exploit Title: InoERP 0.7.2 - Persistent Cross-Site Scripting Google Dork: None Date: 2019-09-14 Exploit Author: strider Vendor: http://inoideas.org/ Software Link: https://github.com/inoerp/inoERP Version: 0.7.2 Tested on: Debian 10 Buster x64 / Kali Linux CVE : None...
WordPress Zoner Real Estate Theme 4.1.1 Cross Site Scripting
Exploit Title: WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/themes/zoner/ Date: 2019-09-24 Exploit Author: m0ze Vendor Homepage: https://fruitfulcode.com/ Software Link:...
Zoner < 4.2 - Persistent XSS & IDOR
----- Persistent XSS: ----- 'Address' input field on the 'Local information' block is vulnerable so you can use your payload to steal admin cookies or do some redirects etc. ----- IDOR: ----- POST request https://zoner.fruitfulcode.com/wp-admin/admin-ajax.php?action=deletepropertyactid=XXX=YYY...
thesystem App 1.0 - Persistent Cross-Site Scripting
Exploit Title: thesystem App 1.0 - Persistent Cross-Site Scripting Author: İsmail Güngör Discovery Date: 2019-09-26 Vendor Homepage: https://github.com/kostasmitroglou/thesystem Software Link: https://github.com/kostasmitroglou/thesystem Tested Version: 1.0 Tested on OS: Windows 10 CVE: N/A...
WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting
Exploit Title: WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/themes/zoner/ Date: 2019-09-24 Exploit Author: m0ze Vendor Homepage: https://fruitfulcode.com/ Software Link:...
InoERP 0.7.2 - Persistent Cross-Site Scripting
Exploit Title: InoERP 0.7.2 - Persistent Cross-Site Scripting Google Dork: None Date: 2019-09-14 Exploit Author: strider Vendor: http://inoideas.org/ Software Link: https://github.com/inoerp/inoERP Version: 0.7.2 Tested on: Debian 10 Buster x64 / Kali Linux CVE : None...
Duplicate-Post 3.2.3 - Persistent Cross-Site Scripting
Duplicate-Post 3.2.3 - Persistent Cross-Site Scripting Exploit Title: Duplicate-Post 3.2.3 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-06-11 Exploit Author: Unk9vvN Vendor Homepage: https://duplicate-post.lopo.it/ Software Link: https://wordpress.org/plugins/duplicate-post/...
all-in-one-seo-pack 3.2.7 - Persistent Cross-Site Scripting
all-in-one-seo-pack 3.2.7 - Persistent Cross-Site Scripting Exploit Title: all-in-one-seo-pack 3.2.7 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\all-in-one-seo-pack" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage:...
Duplicate-Post 3.2.3 Cross Site Scripting
Exploit Title: Duplicate-Post 3.2.3 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-06-11 Exploit Author: Unk9vvN Vendor Homepage: https://duplicate-post.lopo.it/ Software Link: https://wordpress.org/plugins/duplicate-post/ Version: 3.2.3 Tested on: Kali Linux CVE: N/A Description...
all-in-one-seo-pack 3.2.7 Cross Site Scripting
Exploit Title: all-in-one-seo-pack 3.2.7 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\all-in-one-seo-pack" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://semperplugins.com/all-in-one-seo-pack-pro-version Software Link:...
WordPress Duplicate-Post 3.2.3 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Duplicate-Post 3.2.3 - Persistent Cross-Site Scripting Exploit Author: Unk9vvN Vendor Homepage: https://duplicate-post.lopo.it/ Software Link: https://wordpress.org/plugins/duplicate-post/ Version: 3.2.3 Tested on: Kali Linux CV...
WP Server Log Viewer 1.0 Cross Site Scripting
Exploit Title: WP Server Log Viewer 1.0 - 'logfile' Persistent Cross-Site Scripting Date: 2019-09-10 Exploit Author: strider Software Link: https://github.com/anttiviljami/wp-server-log-viewer Version: 1.0 Tested on: Debian 10 Buster x64 / Kali Linux CVE : None...
Microsoft SharePoint 2013 SP1 - (DestinationFolder) Persistant Cross-Site Scripting Vulnerability
Exploit for asp platform in category web applications Exploit Title: Microsoft SharePoint 2013 SP1 - 'DestinationFolder' Persistent Cross-Site Scripting Author: Davide Cioccia Vendor Homepage: https://www.microsoft.com Software Link:...
WP Server Log Viewer 1.0 - logfile Persistent Cross-Site Scripting
WP Server Log Viewer 1.0 - logfile Persistent Cross-Site Scripting Exploit Title: WP Server Log Viewer 1.0 - 'logfile' Persistent Cross-Site Scripting Date: 2019-09-10 Exploit Author: strider Software Link: https://github.com/anttiviljami/wp-server-log-viewer Version: 1.0 Tested on: Debian 10...
WP Server Log Viewer 1.0 - 'logfile' Persistent Cross-Site Scripting
Exploit Title: WP Server Log Viewer 1.0 - 'logfile' Persistent Cross-Site Scripting Date: 2019-09-10 Exploit Author: strider Software Link: https://github.com/anttiviljami/wp-server-log-viewer Version: 1.0 Tested on: Debian 10 Buster x64 / Kali Linux CVE : None...
GOautodial 4.0 - (CreateEvent) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting Author: Cakes Vendor Homepage: https://goautodial.org/ Software Link:...
CVE-2019-14913
An issue was discovered in PRiSE adAS 1.7.0. Log data are not properly escaped, leading to persistent XSS in the administration panel...
CVE-2019-14913
PRiSE adAS 1.7.0 is affected by a persistent XSS in the administration panel due to log data not being properly escaped. Root cause: inadequate escaping in the logging path. Impact: XSS could affect users with access to the admin UI; exact exploit details, affected components, versions beyond 1.7...
GOautodial 4.0 - CreateEvent Persistent Cross-Site Scripting
GOautodial 4.0 - CreateEvent Persistent Cross-Site Scripting Exploit Title: GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting Author: Cakes Discovery Date: 2019-09-19 Vendor Homepage: https://goautodial.org/ Software Link:...
GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting
Exploit Title: GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting Author: Cakes Discovery Date: 2019-09-19 Vendor Homepage: https://goautodial.org/ Software Link: https://downloads2.goautodial.org/centos/7/isos/x8664/GOautodial-4-x8664-Pre-Release-20180929-0618.iso Tested Version: 4.0...