eScan Management Console 14.0.1400.2281 - Cross Site Scripting Vulnerability

Exploit Title: eScan Management Console 14.0.1400.2281 - Cross Site Scripting Exploit Author: Sahil Ojha Vendor Homepage: https://www.escanav.com Software Link: https://cl.escanav.com/ewconsole.dll Version: 14.0.1400.2281 Tested on: Windows CVE : CVE-2023-31703 Step of Reproduction/ Proof of...

ManageEngine DataSecurity Plus Authentication Bypass Vulnerability

ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffer from an authentication bypass vulnerability. ManageEngine DataSecurity Plus Authentication Bypass Identifiers ------------------------------------------------- CVE-2020-11532 XL-20-002 CVSSv3...

ManageEngine DataSecurity Plus Path Traversal / Code Execution

XL-2020-001 - DataSecurity Plus Xnode Server - Remote Code Execution via Path Traversal =============================================================================== Identifiers ------------------------------------------------- CVE-2020-11531 XL-20-001 CVSSv3 score...

Mapbox: Stored xss in editor

On March 28th, 2015 @sahilsaif reported an issue with stored XSS in Mapbox Editor www.mapbox.com/editor. We deployed a fix for this issue on March 30th, 2015. On March 28th, 2015, I found a Stored XSS in Mapbox Editor. Which was hosted on https://mapbox.com/editor Mapbox Editor is now deprecated...