9 matches found
EUVD-2020-21514
Malware in sbrugna...
CVE-2020-29133
jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter...
Coremail XT <= 5.0 XSS Vulnerability
Coremail XT is prone to a cross-site scripting XSS vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2020-29133
jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter...
Coremail XT Cross-Site Scripting Vulnerability
Coremail XT is a set of enterprise-class mail system from China Yingshi Computer Technology Company. The system supports sending and receiving emails, enterprise address book, enterprise cloud disk and schedule synchronization. A cross-site scripting vulnerability exists in jsp/upload.jsp in...
Discuz Xss 0day exploit method-vulnerability warning-the black bar safety net
Made it last year using discuz tastelessxssone of the ideas and specific code. discuz x Series on all of the following version of the personal information provided in the personal signature of a presence of a persistent type byXSSvulnerability: for example, in the Modify personal signature, and...
SiteServer CMS多处跨站漏洞
SiteServer CMS 是基于微软.NET 平台开发的网站内容管理系统,它集成了内容发布管理、多站点管理、定时内容采集、定时生成、多服务器发布、搜索引擎优化、流量统计等多项强大功能,独创的 STL 模板语言,通过Dreamweaver 可视化插件能够任意编辑页面显示样式,生成纯静态页面。 1.注册页面为过滤用户提交非法参数导致跨站,插入跨站语句即可: demo:http://demo.siteserver.cn/usercenter/register.aspx?ReturnUrl=%22%3E%3Ciframe%20src=%22http://www.zhuba.net%22%3E...
Discuz! 7.2 Cross Site Scripting
There is a Permanent-type Cross-Site Vulnerability in Personal Signature in all version of Discuz!. It can be written by the worm! Discuz! do not filter the Malicious code when user enter their personal signature, attacker can enter the xss code, Discuz! will save and run it! It maybe lead the...
There is a Permanent-type Cross-Site Vulnerability in “Personal Signature” in all version of Discuz!. It can be written by the worm!
There is a Permanent-type Cross-Site Vulnerability in “Personal Signature” in all version of Discuz!. It can be written by the worm! Discuz! do not filter the Malicious code when user enter their personal signature, attacker can enter the xss code, Discuz! will save and run it! It maybe lead the...