Lucene search

613 matches found

exploitpack
added 2016/11/17 12:0 a.m., 10 views

WordPress Plugin Answer My Question 1.3 - SQL Injection

WordPress Plugin Answer My Question 1.3 - SQL Injection Exploit Title: Answer My Question 1.3 Plugin for WordPress – Sql Injection Date: 10/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/answer-my-question/ Software Link:...

Exploits 0

Openbugbounty
added 2016/08/29 11:2 a.m., 11 views

telfort.nl XSS vulnerability

Vulnerable URL: https://www.telfort.nl/KBS/jsp/kbs/ahmail/typeOfQuestion.jsp?chan=ahmobiel=60"'/;a=eval;b=alert;ab/xssposed/;...

6.9 AI score
Exploits 0

Packet Storm
added 2016/03/12 12:0 a.m., 157 views

WordPress DW Question Answer 1.4.2.2 Cross Site Scripting

FULL DISCLOSURE Product : DW Question Answer Exploit Author : Rahul Pratap Singh Version : 1.4.2.2 Home page Link : https://wordpress.org/plugins/dw-question-answer/ Website : 0x62626262.wordpress.com Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 Date : 11/3/2016 XSS Vulnerability:...

0.2 AI score
Exploits 0

Patchstack
added 2016/03/11 12:0 a.m., 10 views

WordPress DW Question & Answer Plugin <= 1.4.2.2 - Stored XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

2 AI score
Exploits 0, References 1, Affected Software 1

WPVulnDB
added 2016/03/11 12:0 a.m., 11 views

DW Question & Answer <= 1.4.2.2 - Stored Cross-Site Scripting (XSS)

The DW Question & Answer WordPress plugin was affected by a Stored Cross-Site Scripting (XSS) security vulnerability...

1.6 AI score
Exploits 0, References 2, Affected Software 1

seebug.org
added 2015/10/13 12:0 a.m., 24 views

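phpyun: password change for arbitrary users in two places (instant crack / tested on demo)

Brief description: Haven't looked at PHP in a long time.... As the title says. Detailed description: Let's look at the password-recovery code. app/controller/forgetpwd/index.class.php function sendaction $username=yuniconv"utf-8","gbk",$POST'username'; if!$this-CheckRegUser$username&&!$this-CheckRegEmail$username $res'msg'=yuniconv"gbk","utf-8","用户名不符合规范!"; $res'type'='8'; echo...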

7.1 AI score
Exploits 0

Hacker One
added 2015/08/29 2:9 p.m., 19 views

ownCloud: apps.owncloud.com: Edit Question didn't check ACLs

hello i find bug with it i can edit or delete any question users poc link https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 thanks...

0.8 AI score
Exploits 0

BDU FSTEC
added 2015/08/07 12:0 a.m., 4 views

The vulnerability of the Moodle learning management system allows a hacker to execute arbitrary web or HTML code.

The vulnerability of the mod/quiz/report/statistics/statistics_question_table.php component of the Moodle learning management system exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary web or HTML code ...

3.5 CVSS, 5.9 AI score, 0.01459 EPSS
Exploits 0, References 4, Affected Software 1

NVD
added 2015/06/15 2:59 p.m., 11 views

CVE-2015-4369

Cross-site scripting (XSS) vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Trick Question" permission to inject arbitrary web script or HTML via unspecified vectors...

3.5 CVSS, 5.3 AI score, 0.00965 EPSS
Exploits 0, References 5

Prion
added 2015/06/15 2:59 p.m., 11 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Trick Question" permission to inject arbitrary web script or HTML via unspecified vectors...

3.5 CVSS, 5.7 AI score, 0.00965 EPSS
Exploits 0, References 5, Affected Software 1

CNVD
added 2015/06/05 12:0 a.m., 3 views

Moodle 'mod/quiz/report/statistics/statistics_question_table.php' cross-site scripting vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A cross-site scripting vulnerability exists in the Moodle 'mod/quiz/report/statistics/statistics_question_table.php' script. A remote...

3.5 CVSS, 5.9 AI score, 0.01459 EPSS
Exploits 0, References 1

OSV
added 2015/06/01 7:59 p.m., 3 views

UBUNTU-CVE-2015-2273

Cross-site scripting (XSS) vulnerability in mod/quiz/report/statistics/statistics_question_table.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...

3.5 CVSS, 5.9 AI score, 0.01459 EPSS
Exploits 0, References 4

myhack58
added 2015/03/29 12:0 a.m., 21 views

Tipask question Answering System 1 2 injection package-vulnerability warning-the black bar safety net

Participate in a period of public test of the time, manufacturers use this system, download down looked, found injected into a large heap. Since the program after the end of the sql statement in many places without using the single quotes the parameter is enclosed, so the user input of the check...

1.1 AI score
Exploits 0

CNVD
added 2015/03/11 12:0 a.m., 2 views

Drupal Trick Question module cross-site scripting vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community. Trick Question is one of the CAPTCHA-type spam defense modules. A cross-site scripting vulnerability exists in the Drupal Trick Question module. The vulnerability is due to the program...

3.5 CVSS, 6.8 AI score, 0.00965 EPSS
Exploits 0, References 1

myhack58
added 2015/03/10 12:0 a.m., 24 views

Password retrieve logic vulnerability summary-vulnerability warning-the black bar safety net

0x00 background description Please note these two articles: Password retrieve function there may be a problem Password retrieve function there may be issues supplemented From the above two documents the past six months, recently finishing a password to get back to the mind map, open the collectio...

7.7 AI score
Exploits 0

CNVD
added 2015/01/14 12:0 a.m., 2 views

KBPublisher FAQ System SQL Injection Vulnerability

KnowledgebasePublisher is a non-open-source FAQ system that can also be used as a content manager for publishing articles. It provides question categorization, glossary, powerful WYSIWYG editor, real-time response, full-text search, add attachments, five different administrative roles,...

7.9 AI score
Exploits 0

ThreatPost
added 2014/12/15 12:25 p.m., 10 views

Mike Mimoso and Dennis Fisher Discuss the Sony Breach

Dennis Fisher and Mike Mimoso talk about the details of the Sony breach, including the question of attribution, Sony’s response to the attack, media outlets publishing the stolen data and the rise of destructive malware attacks. Download: digitalunderground174.mp3 Music by Chris Gonsalves...

3.1 AI score
Exploits 0, References 2

WPVulnDB
added 2014/08/01 10:59 a.m., 11 views

IndiaNIC FAQs Manager 1.0 - Ask Question Form question Parameter XSS

The faqs-manager WordPress plugin was affected by an Ask Question Form question Parameter XSS security vulnerability...

3.3 AI score
Exploits 0, References 2, Affected Software 1

NVD
added 2014/07/29 11:10 a.m., 20 views

CVE-2014-3545

Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to execute arbitrary code via a calculated question in a quiz...

6 CVSS, 7.1 AI score, 0.01717 EPSS
Exploits 0, References 3

seebug.org
added 2014/07/01 12:0 a.m., 16 views

WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities

No description provided by source. html !-- Exploit Title: WordPress IndiaNIC FAQ 1.0 Plugin CSRF + XSS Google Dork: inurl:wp-content/plugins/faqs-manager Date: 21.03.2013 Exploit Author: m3tamantra http://m3tamantra.wordpress.com/blog Vendor Homepage:...

7.1 AI score
Exploits 0