7654 matches found
Kyocera FS5250 Cross Site Scripting
Found the below on a printer a couple of years ago, sent to Kyocera but never heard anything back... Changing the 'Ready' message on a printer is quite a well known prank And much fun was had with this yesterday! but also an interesting avenue for injecting XSS, as the Kyocera printer management...
Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability
Document Title: =============== Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1249 Release Date: ============= 2014-04-01 Vulnerability Laboratory ID VL-ID: ===================================...
Barracuda Message Archiver 650 - Persistent Web Vulnerability
Document Title: =============== Barracuda Message Archiver 650 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=751 Barracuda Networks Security ID BNSEC: 703 Release Date: ============= 2014-02-18 Vulnerability Laboratory ID...
Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities
Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities Document Title: =============== Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=119...
Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting
Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting Persistent XSS in Joomla::Kunena 3.0.4 26. February 2014 by Qoppa +++ Description "Kunena is the leading Joomla forum component. Downloaded more than 3,750,000 times in nearly 6 years." Kunena is written in PHP. Users can post a...
GetSimple CMS 3.3.1 - Persistent Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: etSimple CMS v3.3.1 Persistent Cross Site Scripting Google Dork: N/A Date: 24-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://get-simple.info/ Software Link: http://get-simple.info/download/ Version: v3.3.1...
Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting
Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting Exploit Title: etSimple CMS v3.3.1 Persistent Cross Site Scripting Google Dork: N/A Date: 24-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://get-simple.info/ Software Link: http://get-simple.info/download/ Version: v3.3.1...
Dell SonicWall EMail Security 7.4.5 - Multiple Vulnerabilities
Document Title: =============== Dell SonicWall EMail Security 7.4.5 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1191 Dell SonicWall Security Bulletin:...
Phabricator: Persistent XSS: Editor link
The editor link used for external applications allows scheme other than http: or https:. Although the phutiltag function checks whether the scheme is javascript: to prevent XSS attacks see GitHub, it is straightforward to bypass this check by adding a whitespace character in between javascript an...
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link:...
Ubee EVW3200 - Multiple Persistent Cross Site Scripting Vulnerability
Ubee EVW3200 suffers from multiple persistent cross site scripting vulnerabilities. Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link:...
Ubee EVW3200 Cross Site Scripting
Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link: http://www.ubeeinteractive.com/products/cable?fieldproductcatetorytid=20 Version: All Tested...
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link: http://www.ubeeinteractive.com/products/cable?fieldproductcatetorytid=20 Version: All Tested...
Ilch CMS 2.0 - Persistent XSS Vulnerability
Ilch CMS version 2.0 suffers from a cross site scripting vulnerability. Product: Ilch CMS Vendor: http://ilch.de Vulnerable Versions: 2.0 and probably prior Tested Version: 2.0 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Public...
SpagoBI 4.0 - Persistent XSS Vulnerability
Exploit for php platform in category web applications 1. Vulnerability Information CVE reference: CVE-2013-6232 CVSS v2 Base Score: 4 CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N Component/s: SpagoBI Class: Input Manipulation 2. Introduction SpagoBI1 is an Open Source Business Intelligence suite,...
ClickDesk 4.3 Cross Site Scripting
ClickDesk Multiple Persistent XSS Details ======================================================================================== Product: ClickDesk a cross platform live chat and support plugin Security-Risk: High Remote-Exploit: yes Vendor-URL: https://www.clickdesk.com/ Advisory-Status:...
SpagoBI 4.0 - Persistent HTML Script Insertion
Exploit for php platform in category web applications SpagoBI1 is an Open Source Business Intelligence suite, belonging to the free/open source SpagoWorld initiative, founded and supported by Engineering Group2. It offers a large range of analytical functions, a highly functional semantic layer...
SpagoBI 4.0 - Persistent HTML Script Insertion
SpagoBI 4.0 - Persistent HTML Script Insertion 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02...
Joomla 3.2.2 Cross Site Scripting
============================================================== Title ...| Persistent pre-auth XSS in Joomla Version .| Joomla 3.2.2 Date ....| 3.03.2014 Found ...| HauntIT Blog Home ....| http://www.joomla.org ==============================================================...
Lexmark Printer Configuration Persistent XSS
The version of the remote Lexmark printer is potentially affected by a cross-site scripting vulnerability. An input validation error exists related to the 'General Settings' configuration page and the 'Location' and 'Contact Name' parameters that could allow persistent cross-site scripting attack...