2426 matches found
CVE-2017-7783
If a long user name is used in a username/password combination in a site URL such as "http://UserName:Password@example.com", the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability affects Firefox 55...
rk-responsive-contact-form 1.0 - Authenticated Blind SQL Injection
The rk-responsive-contact-form WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability...
Salutation Responsive < 3.0.16 - Stored XSS
The parallelus-salutation WordPress theme was affected by a Stored XSS security vulnerability...
Salutation Responsive 3.0.15 Cross Site Scripting
Details ================ Software: Salutation Responsive WordPress + BuddyPress Theme Version: 3.0.15 Homepage: https://themeforest.net/item/salutation-responsive-wordpress-buddypress-theme/548199 Advisory report: https://security.dxw.com/advisories/stored-xss-salutation-theme/ CVE: Awaiting...
CVE-2017-2243
Cross-site scripting vulnerability in Responsive Lightbox prior to version 1.7.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting vulnerability in Responsive Lightbox prior to version 1.7.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...
CVE-2017-2243
CVE-2017-2243 targets the WordPress plugin Responsive Lightbox (dFactory). The vulnerability is a cross-site scripting flaw in versions before 1.7.2, described as a reflected XSS (CWE-79) with the ability to inject arbitrary script/HTML via unspecified vectors. Multiple sources (NVD, JVN/JVND, CV...
WordPress plugin "Responsive Lightbox" vulnerable to cross-site scripting
Overview: The WordPress plugin "Responsive Lightbox" provided by dFactory contains a reflected cross-site scripting vulnerability (CWE-79). Chris Liu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: An arbitrary...
JVN#39819446: WordPress plugin "Responsive Lightbox" vulnerable to cross-site scripting
The WordPress plugin "Responsive Lightbox" provided by dFactory contains a reflected cross-site scripting vulnerability (CWE-79). Impact: An arbitrary script may be executed on the logged in user's web browser. Solution: Update the plugin. Update the plugin according to the information provided by the...
Responsive Lightbox by dFactory <= 1.7.1 - Authenticated Cross-Site Scripting (XSS)
The Responsive Lightbox & Gallery WordPress plugin was affected by an Authenticated Cross-Site Scripting (XSS) security vulnerability...
WordPress Responsive Lightbox Plugin Cross-Site Scripting Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed in the PHP language; it supports personal blog sites set up on servers with PHP and MySQL. WordPress Responsive Lightbox is an image viewing plugin. A cross-site scripting vulnerability exists ...
WordPress Responsive Menu plugin <= 3.1.3 - Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) Vulnerability
WordPress Responsive Menu plugin Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) vulnerabilities. Options saved by the updateOptions function in the /app/Controllers/AdminController.php file are not sanitized. Also, a nonce is missing in the plugin's settings page...
Responsive Menu <= 3.1.3 - XSS and CSRF
The Responsive Menu – Create Mobile-Friendly Menu WordPress plugin was affected by an XSS and CSRF security vulnerability...
WordPress WebDorado Gallery 1.3.29 Plugin - SQL Injection Vulnerability
Exploit for php platform in category web applications Source: http://www.defensecode.com/advisories/DC-2017-02-011WordPressWebDoradoGalleryPluginAdvisory.pdf DefenseCode ThunderScan SAST Advisory WordPress WebDorado Gallery Plugin - SQL Injection Vulnerability Advisory ID: DC-2017-02-011 Software...
Broadcom: Heap overflow in TDLS Teardown Request while handling Fast Transition IE (CVE-2017-0561)
Detailed analysis: https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi4.html Posted by Gal Beniamini, Project Zero It's a well understood fact that platform security is an integral part of the security of complex systems. For mobile devices, this statement rings even truer; modern...
mosh - Mobile Shell replacement for SSH (more robust and responsive, especially over Wi-Fi, cellular, and long-distance links)
Mosh is a remote terminal application that supports intermittent connectivity, allows roaming, and provides speculative local echo and line editing of user keystrokes. It aims to support the typical interactive uses of SSH, plus: Mosh keeps the session alive if the client goes to sleep and wakes ...
CVE-2017-5419
If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DoS) attack. This vulnerability affects Firefox 52 and Thunderbird 52...
Multireligion Responsive Matrimonial Script 4.7.1 SQL Injection
Exploit Title: Multireligion Responsive Matrimonial Script v4.7.1 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/multireligion-responsive-matrimonial/ Demo:...