Lucene search
K

15 matches found

Cvelist
Cvelist
added 2024/11/19 1:30 a.m.25 views

CVE-2024-50278 dm cache: fix potential out-of-bounds access on the first resume

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because expanding the fast...

0.00262EPSS
Exploits0References8
Hacker One
Hacker One
added 2024/02/05 7:57 p.m.42 views

U.S. Dept Of Defense: Parâmetro XSS: Nome de usuário - █████████

The report describes a cross-site scripting XSS vulnerability in the username parameter of an application. The vulnerability was demonstrated using Burp Suite, where the attacker was able to inject malicious JavaScript code into the username field. No further details were provided about the...

5.8AI score
Exploits0
Hacker One
Hacker One
added 2022/01/22 7:38 p.m.259 views

Aiven Ltd: 0-day Cross Origin Request Forgery vulnerability in Grafana 8.x .

Disclaimer To triage, please note that this is still a 0-day that was alerted to Grafana already, in order to make sure the client is safe I report this issue now, please make sure to not spread it further or leak it, as the best interest is to let you be aware and safer from any potential attack...

6.8CVSS0.4AI score0.02236EPSS
Exploits0
GithubExploit
GithubExploit
added 2021/11/22 1:29 p.m.163 views

Exploit for Path Traversal in Microsoft

CVE-2021-40444 PoC Malicious docx generator to exploit CVE-20...

8.8CVSS7.7AI score0.96843EPSS
Exploits38
Huntr
Huntr
added 2021/07/03 1:39 a.m.10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager

💥 BUG Stored xss via group name 💥 TESTED VERSION latest version as of 01/07/21 💥 STEP TO REPRODUCE 1. create a group with bellow xss payload in name.\ group1"'.\ 2. Now add a new user called user-B to the above group .\ 3. Finally visit...

1.7AI score
Exploits0
Huntr
Huntr
added 2021/05/22 7:20 p.m.17 views

in dolibarr/dolibarr

💥 BUG unprivileged user can upload file to a task associated with a project. 💥 IMPACT user who has read-only access to a project can add file to task associated with this project 💥 TESTED VERSION dolibarr 14.0.0-beta 💥 STEP TO REPRODUCE 1. First goto admin account and add user B as normal user ....

7.1AI score
Exploits0
0day.today
0day.today
added 2021/05/19 12:0 a.m.24 views

COVID19 Testing Management System 1.0 - (Admin name) Cross-Site Scripting Vulnerability

Exploit Title: COVID19 Testing Management System 1.0 - 'Admin name' Cross-Site Scripting XSS Exploit Author: Rohit Burke Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10 == Store...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/05/17 12:0 a.m.27 views

Customer Relationship Management (CRM) System 1.0 - (Category) Persistent Cross site Scripting

Exploit Title: Customer Relationship Management CRM System 1.0 - 'Category' Persistent Cross site Scripting Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/02 12:0 a.m.592 views

WebDamn User Registration And Login System With User Panel SQL Injection

Exploit Title: WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass Date: 18-11-2020 Exploit Author: Aakash Madaan Vendor Homepage: https://webdamn.com/ Software Link : https://webdamn.com/user-management-system-with-php-mysql/ Version: N/A Default Tested on: Windows 10...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/07/15 12:0 a.m.148 views

Streamripper 2.6 Buffer Overflow

!/usr/bin/python Exploit Title: StreamRipper32 Buffer Overflow Date: 07/2019 Exploit Author: Andrey Stoykov OSCP Tested On: Win7 SP1 x64 Software Link: http://streamripper.sourceforge.net/sr32/StreamRipper3226.exe Version: 2.6 Steps To Reproduce: Double click on "Add" in the "Station/Song Section...

1.3AI score
Exploits0
Packet Storm
Packet Storm
added 2018/08/04 12:0 a.m.20 views

Wedding Slideshow Studio 1.36 Buffer Overflow

Exploit Title: Socumsoft Wedding Slideshow Studio 1.36 Date: 02.08.2018 Exploit Author: Achilles Vendor Homepage: http://www.socusoft.com Vulnerable Software: http://www.socusoft.com/down/wedding-slideshow-studio.exe Tested on OS: Windows 7 64-bit DE Steps to reproduce: Copy the contents of the...

0.3AI score
Exploits0
Hacker One
Hacker One
added 2017/11/09 9:7 a.m.29 views

Aspen: Email Spoofing

There is an Email Spoofing Vulnerability. Steps to reproduce: 1 Go to http://emkei.cz/ 2 Fill "From Email" field to [email protected] or any other aspen email. 3 Fill the victim's address your address to "TO" field and fill in other details as you wish. You will receive email from aspen admin...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2017/07/04 9:16 a.m.30 views

Gratipay: self cross site scripting

Vulnerability Exploited : cross site scripting using csrf Vulnerable URL:https://gratipay.com/search Vulnerability Explanation :The application is vulnerable with Reflected Cross Site Scripting. Here application fails to validate user supplied inputs due to which an attacker can inject his own...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2014/02/14 12:0 a.m.32 views

WordPress Buddypress 1.9.1 Cross Site Scripting

Vulnerability: Wordpress plugin Buddypress = 1.9.1 stored xss Date: 13/02/2014 Author: Pietro Oliva Vendor Homepage: http://buddypress.org Software Link: http://downloads.wordpress.org/plugin/buddypress.1.9.1.zip Version: 1.9.1 CVE : CVE-2014-1888 Responsibly disclosed and patched in version 1.9....

4.3CVSS6.5AI score0.02587EPSS
Exploits3
Atlassian
Atlassian
added 2013/09/10 12:59 p.m.19 views

"Contact Administrators" Process Doesn't Exclude Disabled Administrators

h3. Steps to Reproduce: Create a new test user Add the newly created user into confluence-administrators group Disabled the new test user Access the following URL code/500page.jspcode Click the "Confluence Administrators" link which will redirect you to this URL...

1.6AI score
Exploits0Affected Software1
Rows per page
Query Builder