7657 matches found
search.wlbz2.com XSS vulnerability
Open Bug Bounty ID: OBB-63467 Description| Value ---|--- Affected Website:| search.wlbz2.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
Eisbär SCADA (All Versions) - Persistent UI Vulnerability
Document Title: =============== Eisbär SCADA All Versions - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1456 Release Date: ============= 2015-05-19 Vulnerability Laboratory ID VL-ID: ==================================== 14...
Eisbär SCADA (All Versions) - Persistent UI Vulnerability
Document Title: =============== Eisbär SCADA All Versions - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1456 Release Date: ============= 2015-05-19 Vulnerability Laboratory ID VL-ID: ==================================== 14...
HiDisk 2.4 iOS - (FolderPath) Persistent Vulnerability
Document Title: =============== HiDisk 2.4 iOS - FolderPath Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1496 Release Date: ============= 2015-05-19 Vulnerability Laboratory ID VL-ID: ==================================== 1496...
iClassSchedule 1.6 Script Insertion
Document Title: =============== iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1494 Release Date: ============= 2015-05-13 Vulnerability Laboratory ID VL-ID:...
HiDisk 2.4 iOS - (FolderPath) Persistent Vulnerability
Document Title: =============== HiDisk 2.4 iOS - FolderPath Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1496 Release Date: ============= 2015-05-18 Vulnerability Laboratory ID VL-ID: ==================================== 1496...
Hikvision DS-2CD2012-I XML Injection / Abuse Issues
Hello list! There are vulnerabilities in Hikvision DS-2CD2012-I. These are XML Injection, Abuse of Functionality and Brute Force vulnerabilities. All these vulnerabilities are present in other IP cameras and DVR of Hikvision. ------------------------- Affected vendors: -------------------------...
WordPress Booking Calendar Contact Form Plugin 1.0.2 - Multiple vulnerabilities
Booking Calendar Contact Form plugin is prone to multiple vulnerabilities: 1. Authenticated SQL injection in "get" parameter allows an attacker to escalate editor privileges. 2. Filter bypass & Authenticated SQL injection in "id" parameter via...
iClassSchedule 1.6 iOS & Android - Persistent Vulnerability
Document Title: =============== iClassSchedule 1.6 iOS & Android - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1494 Release Date: ============= 2015-05-13 Vulnerability Laboratory ID VL-ID: ===================================...
iClassSchedule 1.6 iOS & Android - Persistent Vulnerability
Document Title: =============== iClassSchedule 1.6 iOS & Android - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1494 Release Date: ============= 2015-05-12 Vulnerability Laboratory ID VL-ID: ===================================...
D-Link DSL-500B Gen 2 - Parental Control Configuration Panel Persistent Cross-Site Scripting
D-Link DSL-500B Gen 2 - Parental Control Configuration Panel Persistent Cross-Site Scripting !/usr/bin/perl Date dd-mm-aaaa: 13-02-2015 Exploit for D-Link DSL-500B G2 Cross Site Scripting XSS Injection Stored in todmngr.tod Developed by Mauricio Corrêa XLabs Information Security WebSite:...
D-Link DSL-500B Gen 2 - URL Filter Configuration Panel Persistent Cross-Site Scripting
!/usr/bin/perl Date dd-mm-aaaa: 13-02-2015 Exploit for D-Link DSL-500B G2 Cross Site Scripting XSS Injection Stored in todmngr.tod URL Filter Developed by Mauricio Corrêa XLabs Information Security WebSite: www.xlabs.com.br CAUTION! This exploit disables some features of the modem, forcing the...
DokuWiki persistent Cross Site Scripting
Advisory ID: SGMA15-001 Title: DokuWiki persistent Cross Site Scripting Product: DokuWiki Version: 2014-09-29c and probably prior Vendor: www.dokuwiki.org Vulnerability type: Persistent XSS Risk level: Medium Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-03-18...
D-Link DSL-500B Gen 2 - Parental Control Configuration Panel Persistent Cross-Site Scripting
!/usr/bin/perl Date dd-mm-aaaa: 13-02-2015 Exploit for D-Link DSL-500B G2 Cross Site Scripting XSS Injection Stored in todmngr.tod Developed by Mauricio Corrêa XLabs Information Security WebSite: www.xlabs.com.br CAUTION! This exploit disables some features of the modem, forcing the administrator...
SynTail 1.5 Build 566 CSRF / Cross Site Scripting
Exploit Title: Multiple vulnerabilities in SynTail 1.5 Build 566 CSRF/Stored XSS Date: 07-05-2015 Exploit Author: Marlow Tannhauser Contact: [email protected] Vendor Homepage: http://www.synametrics.com Software Link: http://web.synametrics.com/SynTailDownload.htm Version: 1.5 Build 566...
Oracle Business Intelligence Mobile HD 11.x Script Insertion
Document Title: =============== Oracle Business Intelligence Mobile HD v11.x iOS - Persistent UI Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1361 Oracle Security ID: S0540289 Tracking ID: S0540289 Reporter ID: 1 2015Q1 Release Date:...
Yahoo eMarketing Cross Site Scripting
Document Title: =============== Yahoo eMarketing Bug Bounty 31 - Cross Site Scripting Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1491 Yahoo Security ID H1: 55395 Release Date: ============= 2015-05-07 Vulnerability Laboratory ID VL-ID:...
Yahoo eMarketing Bug Bounty #31 - Cross Site Vulnerability
Document Title: =============== Yahoo eMarketing Bug Bounty 31 - Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1491 Yahoo Security ID H1: 55395 Release Date: ============= 2015-05-07 Vulnerability Laboratory ID VL-ID:...
WordPress Ultimate Product Catalogue 3.1.2 XSS / CSRF / File Upload Vulnerabilities
WordPress Ultimate Product Catalogue plugin version 3.1.2 suffers from cross site request forgery, cross site scripting, and file upload vulnerabilities. Exploit Title: Multiple Persistent XSS & CSRF & File Upload on Ultimate Product Catalogue 3.1.2 Google Dork: inurl:"SingleProduct" intext:"Back...
PHP Fusion 7.02.07 XSS / Clickjacking
Hi Team, Affected Vendor: https://www.php-fusion.co.uk/home.php Date: 04/05/2015 Creditee: http://osvdb.org/creditees/13518-vadodil-joel-varghese Type of vulnerability: Persistent XSS + Clickjacking Tested on: Windows 8.1 Product: PHP Fusion Version: 7.02.07 1 Cross Site Scripting...