7657 matches found
withinsecurity: Error Page Text Injection #106350
Hello Team , Description : This report is similar to 106350 , as we can see in report an user or attacker is able to inject his text into error page and can trap to user to visit other site by adding following link...
Advanced Electron Forum 1.0.9 Cross Site Scripting
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AEF-XSS.txt Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================== Advanced Electron Forum v1.0.9 AEF Exploit patched current...
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AEF-XSS.txt Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================...
Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability
Document Title: =============== Ebay Magento Bug Bounty 2 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1203 eBay Inc. Bug Bounty Program ID: EIBBP-26644 Release Date: ============= 2016-01-18 Vulnerability Laboratory ID...
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting
Exploit for php platform in category web applications + Credits: hyp3rlinx Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================== Advanced Electron Forum v1.0.9 AEF Exploit patched current version. Vulnerability Type: ===================...
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AEF-XSS.txt Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================== Advanced Electron Forum v1.0.9 AEF Exploit patched current...
Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability
Document Title: =============== Ebay Magento Bug Bounty 2 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1203 eBay Inc. Bug Bounty Program ID: EIBBP-26644 Release Date: ============= 2016-01-18 Vulnerability Laboratory ID...
iptables-persistent '/etc/iptables' local information disclosure vulnerability
iptables-persistent is an init.d script used to make iptables rules restart continuously. A security vulnerability exists in iptables-persistent, which allows local attackers to exploit the vulnerability to obtain sensitive information...
SlemBunk Part II: Prolonged Attack Chain and Better-Organized Campaign
Introduction Our follow-up investigation of a nasty Android banking malware we identified at the tail end of last year has not only revealed that the trojan is more persistent than we initially realized – thus making for a much more dangerous threat – but that it is also being used as part of an...
Simple PHP Polling System - Multiple Vulnerabilities
Exploit Title : Multiple Vulnerabilities in Simple PHP Polling System. Author : WICS Date : 05-Jan-2016 Software Link : http://sourceforge.net/projects/pollingsystem/ Overview : Simple PHP Polling System helps organizations to make polls of different types of positions with a number of candidates...
PhpSocial 2.0.0304_20222226 Cross Site Scripting / Open Redirect
Security Advisory - Curesec Research Team 1. Introduction Affected Product: PhpSocial v2.0.030420222226 Fixed in: not fixed Fixed Version Link: n/a Vendor Webite: http://phpsocial.net Vulnerability Type: XSS / Open Redirect Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclosed to publi...
DELL Scrutinizer 12.0.3 Cross Site Scripting
Document Title: =============== DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1360 Tracking ID: 15943 Release Date: ============= 2015-12-18 Vulnerability Laboratory ID VL-ID:...
WordPress Content Text Slider On Post 6.8 Cross Site Scripting
Document Title: =============== Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1655 Release Date: ============= 2015-12-07 Vulnerability Laboratory ID VL-ID:...
Lithium Forum Cross Site Scripting
Document Title: =============== Lithium Forum - previewImages Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1520 Release Date: ============= 2015-12-18 Vulnerability Laboratory ID VL-ID: ==================================== 152...
DELL Scrutinizer v12 - Persistent Software Vulnerability
Document Title: =============== DELL Scrutinizer v12 - Persistent Software Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1689 Video: https://www.youtube.com/watch?v=fcVox20f7ZI Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1360 Release Dat...
DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability
Document Title: =============== DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1360 Tracking ID: 15943 Release Date: ============= 2015-12-18 Vulnerability Laboratory ID VL-ID:...
DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability
Document Title: =============== DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1360 Tracking ID: 15943 Release Date: ============= 2015-12-18 Vulnerability Laboratory ID VL-ID:...
DELL Scrutinizer v12 - Persistent Software Vulnerability
Document Title: =============== DELL Scrutinizer v12 - Persistent Software Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1689 Video: https://www.youtube.com/watch?v=fcVox20f7ZI Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1360 Release Dat...
tomcat: non-persistent DoS attack by feeding data by aborting an upload
It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made...
Secure Data Space 3.1.1-2 Cross Site Scripting Vulnerability
Secure Data Space version 3.1.1-2 suffers from a cross site scripting vulnerability. Secure Data Space 3.1.1-2 Cross Site Scripting Vulnerability 1. DETAILS - ---------- Product: SECURE DATA SPACE Vendor URL: www.ssp-europe.eu Type: Cross-site ScriptingCWE-79 Date found: 2015-09-30 Date published...