
7660 matches found

wpexploit
added 2019/09/16 12:0 a.m. | 39 views

InJob < 3.3.8 - Reflected & Persistent XSS

Multiple XSS vulnerabilities have been found in the 'InJob | Multi-purpose for recruitment WordPress Theme' theme v3.3.6. Edit WPScanTeam: September 16th, 2019 - Envato Contacted; September 16th, 2019 - v3.3.7 released. XSS still present; October 11th, 2019 - Envato contacted again for updates...

Exploits: 0 | References: 1

WPVulnDB
added 2019/09/16 12:0 a.m. | 9 views

InJob < 3.3.8 - Reflected & Persistent XSS

Multiple XSS vulnerabilities have been found in the 'InJob | Multi-purpose for recruitment WordPress Theme' theme v3.3.6. Edit WPScanTeam: September 16th, 2019 - Envato Contacted; September 16th, 2019 - v3.3.7 released. XSS still present; October 11th, 2019 - Envato contacted again for updates...

6.6 AI score
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2019/09/15 10:15 p.m. | 12 views

CVE-2019-16333

GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting XSS in admin/theme-edit.php...

5.4 CVSS | 5.9 AI score
Exploits: 0 | References: 1

NVD
added 2019/09/15 10:15 p.m. | 13 views

CVE-2019-16334

In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories - Add New Category - Name field. NOTE: this may overlap CVE-2017-16636...

4.8 CVSS | 5 AI score | 0.00677 EPSS
Exploits: 1 | References: 1

Prion
added 2019/09/15 10:15 p.m. | 15 views

Cross site scripting

GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting XSS in admin/theme-edit.php...

3.5 CVSS | 5.2 AI score | 0.00667 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Prion
added 2019/09/15 10:15 p.m. | 17 views

Cross site scripting

In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories - Add New Category - Name field. NOTE: this may overlap CVE-2017-16636...

3.5 CVSS | 5 AI score | 0.00677 EPSS
Exploits: 4 | References: 1 | Affected Software: 1

CVE
added 2019/09/15 9:22 p.m. | 88 views

CVE-2019-16333

GetSimple CMS v3.3.15 is affected by a persistent Cross-Site Scripting (XSS) vulnerability in admin/theme-edit.php. The CVE description and connected sources (NVD/NVD mirrors, OpenVAS entry, and related advisories) consistently identify GetSimple CMS 3.3.15 as vulnerable to XSS in that admin page...

5.4 CVSS | 5.3 AI score | 0.00667 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2019/09/15 9:22 p.m. | 15 views

CVE-2019-16333

GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting XSS in admin/theme-edit.php...

5.3 AI score | 0.00667 EPSS
Exploits: 1 | References: 1

Cvelist
added 2019/09/15 9:22 p.m. | 17 views

CVE-2019-16334

In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories - Add New Category - Name field. NOTE: this may overlap CVE-2017-16636...

5 AI score | 0.00677 EPSS
Exploits: 1 | References: 1

CVE
added 2019/09/15 9:22 p.m. | 94 views

CVE-2019-16334

CVE-2019-16334 corresponds to a persistent XSS vulnerability in Bludit v3.9.2, exploitable via the Categories → Add New Category → Name field. The linked sources consistently state a stored/persistent XSS risk affecting that UI entry, with note that it may overlap CVE-2017-16636. No explicit expl...

4.8 CVSS | 4.9 AI score | 0.00677 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Carbon Black Blog
added 2019/09/10 4:0 p.m. | 74 views

The 10 Most Common Attacks

This post is an excerpt from The Ultimate Cybersecurity Guide for the IT Professional. Common Attacks Today’s organizations face four main categories of adversaries. In order to fully defend against these four types, you must also understand what motivates them. This context will best position yo...

0.7 AI score
Exploits: 0

exploitpack
added 2019/09/10 12:0 a.m. | 73 views

WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting

WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting Exploit Title: WordPress Plugin Photo Gallery by 10Web alert1; 4. Click Save and preview. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded...

4.3 CVSS | 0.2 AI score | 0.04609 EPSS
Exploits: 5

Exploit DB
added 2019/09/10 12:0 a.m. | 376 views

WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting (2)

Exploit Title: WordPress Plugin Photo Gallery by 10Web img src=a onerror='alert2;' 4. Click Save. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded 09-04-2019 - New version released 1.5.35 09-10-2019 - Full...

6.1 CVSS | 6.5 AI score | 0.05303 EPSS
Exploits: 4

Exploit DB
added 2019/09/10 12:0 a.m. | 297 views

WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting

Exploit Title: WordPress Plugin Photo Gallery by 10Web alert1; 4. Click Save and preview. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded 09-04-2019 - New version released 1.5.35 09-10-2019 - Full Disclosu...

6.1 CVSS | 6 AI score | 0.04609 EPSS
Exploits: 5

OSV
added 2019/09/09 8:15 p.m. | 22 views

CVE-2019-6784

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows XSS issue 1 of 2. Markdown fields contain a lack of input validation and output encoding when processing KaTeX that results in a persistent XSS...

6.1 CVSS | 5.7 AI score
Exploits: 0 | References: 2

NVD
added 2019/09/09 6:15 p.m. | 16 views

CVE-2019-5467

An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6...

5.4 CVSS | 5.2 AI score | 0.0074 EPSS
Exploits: 1 | References: 2

OSV
added 2019/09/09 6:15 p.m. | 14 views

CVE-2019-5467

An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6...

5.4 CVSS | 6.5 AI score
Exploits: 0 | References: 2

OSV
added 2019/09/09 6:15 p.m. | 20 views

CVE-2019-5471

An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6...

5.4 CVSS | 6.4 AI score
Exploits: 0 | References: 3

UbuntuCve
added 2019/09/09 6:15 p.m. | 25 views

CVE-2019-5467

An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6...

5.4 CVSS | 6.1 AI score | 0.0074 EPSS
Exploits: 1 | References: 2

Prion
added 2019/09/09 6:15 p.m. | 19 views

Design/Logic Flaw

An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6...

3.5 CVSS | 5.2 AI score | 0.0074 EPSS
Exploits: 1 | References: 2 | Affected Software: 1