Lucene search
K

37 matches found

OSV
OSV
added 2021/06/29 6:15 p.m.4 views

CVE-2020-18066

Cross Site Scripting vulnerability in ZrLog 2.1.0 via the 1 userName and 2 email parameters in post/addComment...

6.1CVSS6.4AI score0.00574EPSS
Exploits1References1
Prion
Prion
added 2020/03/12 2:15 p.m.19 views

Cross site request forgery (csrf)

CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request...

4.3CVSS4.6AI score0.00475EPSS
Exploits1References2Affected Software1
Openbugbounty
Openbugbounty
added 2018/04/07 8:23 p.m.11 views

coinimaging.com XSS vulnerability

Open Bug Bounty ID: OBB-598563 Description| Value ---|--- Affected Website:| coinimaging.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Prion
Prion
added 2018/03/29 5:29 a.m.15 views

Cross site scripting

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment...

3.5CVSS5.3AI score0.00575EPSS
Exploits3References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/03/29 5:29 a.m.2 views

CVE-2018-9121

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment...

5.4CVSS5.4AI score0.00575EPSS
Exploits3References4
NVD
NVD
added 2018/03/29 5:29 a.m.19 views

CVE-2018-9121

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment...

5.4CVSS5.3AI score0.00575EPSS
Exploits3References2
CVE
CVE
added 2018/03/29 5:0 a.m.37 views

CVE-2018-9121

CVE-2018-9121 affects Crea8social 2018.2 with a Stored Cross‑Site Scripting (XSS) vulnerability in post comments. The NVD notes CVSS2/3 base scores of 3.5 (LOW) and 5.4 (MEDIUM) respectively, indicating a potential impact on integrity/ confidentiality as described. Connected sources reiterate sto...

5.4CVSS5.2AI score0.00575EPSS
Exploits3References2Affected Software1
Exploit DB
Exploit DB
added 2016/10/13 12:0 a.m.16 views

Colorful Blog - Persistent Cross-Site Scripting

Exploit Title : ----------- : Colorful Blog - Stored Cross Site Scripting Author : ----------------- : Besim Google Dork : --------- : - Date : -------------------- : 13/10/2016 Type : -------------------- : webapps Platform : --------------- : PHP Vendor Homepage :-- : - Software link : --------...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/10/12 12:0 a.m.455 views

ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting

Exploit for php platform in category web applications Exploit Title : ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting Author : Besim Google Dork : Date : 12/10/2016 Type : webapps Platform : PHP Vendor Homepage : - Software link : http://www.scriptdungeon.com/jump.php?ScriptID=9162 Descriptio...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/03/16 12:0 a.m.26 views

CSICE Cross Site Request Forgery / Cross Site Scripting

http://www.csice.org/ Suffers from XSS and CSRF cross site scripting and cross site request forgery attacks. The vulnerability lies in the Post comment filelds in the following page move to this page 'only for authenticated user' http://www.csice.org/student/subjects.html and choose a subject and...

0.1AI score
Exploits0
0day.today
0day.today
added 2010/03/16 12:0 a.m.25 views

CSICE XSS and CSRF Vulnerability

Exploit for unknown platform in category web applications ================================ CSICE XSS and CSRF Vulnerability ================================ http://www.csice.org/ Suffers from XSS and CSRF cross site scripting and cross site request forgery attacks. The vulnerability lies in the...

7.1AI score
Exploits0
Prion
Prion
added 2008/10/23 8:0 p.m.11 views

Authentication flaw

PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."...

7.5CVSS7.8AI score0.02773EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2008/10/23 6:0 p.m.21 views

CVE-2008-4721

PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."...

7.2AI score0.02773EPSS
Exploits0References4
CVE
CVE
added 2008/10/23 6:0 p.m.42 views

CVE-2008-4721

CVE-2008-4721 affects PHP Jabbers Post Comment 3.0. The vulnerability allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged." The connected documents confirm the attack vector is via a manipulated cookie, leading to unau...

7.5CVSS7.2AI score0.02773EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2006/04/16 12:0 a.m.24 views

PhpGuestbook <= 1.0 XSS

PhpGuestbook = 1.0 XSS Post Comment:- Name: 'scriptalertdocument.cookie/script Website: Comment: 'scriptalertdocument.cookie/script Found By: Qex...

1.3AI score
Exploits0
OSV
OSV
added 2006/03/03 11:2 a.m.3 views

DEBIAN-CVE-2006-0985

Multiple cross-site scripting XSS vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 website, and 3 comment parameters...

4.3CVSS5.9AI score0.0302EPSS
Exploits1References1
Cvelist
Cvelist
added 2005/09/07 4:0 a.m.18 views

CVE-2005-2816

Cross-site scripting XSS vulnerability in Greymatter allows remote attackers to inject arbitrary web script or HTML via a post comment, which is recorded in a log file but not properly handled when the administrator uses "View Control Panel Log" to read the log file...

5.5AI score0.00948EPSS
Exploits0References1
Rows per page
Query Builder