53 matches found
CVE-2019-7335
Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Log Message' value on the web page without applying any proper filtration. This relates to the view=logs value...
EUVD-2016-1776
Malware in sbrugna...
EUVD-2021-12815
Malware in sbrugna...
EUVD-2018-13419
Malware in sbrugna...
EUVD-2021-1378
Malware in sbrugna...
EUVD-2016-1772
Malware in sbrugna...
EUVD-2019-16878
Malware in sbrugna...
EUVD-2016-1777
Malware in sbrugna...
EUVD-2016-1821
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-7335
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Lo...
Linux Distros Unpatched Vulnerability : CVE-2019-7352
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view 'state' aka Run State state.php does no input validation to the value...
Linux Distros Unpatched Vulnerability : CVE-2019-7345
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view 'options' options.php does no input validation for the WEBTITLE, HOMEURL...
CVE-2019-7336
Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view monitorfilters.php contains takes in input from the user and saves it into the session, and retrieves it later insecurely. The values of the MonitorName and Source parameters are being displayed without any...
CVE-2018-20881
cPanel before 74.0.8 allows self stored XSS on the Security Questions login page SEC-446...
CVE-2019-17379
cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface SEC-527...
CVE-2016-10827
cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences SEC-96...
CVE-2016-10778
cPanel before 60.0.25 allows self stored XSS in the listftpstable API SEC-178...
acp2sev 7.2.2 Cross Site Scripting Vulnerability
Exploit Title: Self Stored XSS - acp2sev7.2.2 Date: 02/2025 Exploit Author: Andrey Stoykov Version: 7.2.2 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2025/02/friday-fun-pentest-series-19-self.html Self Stored XSS 1: Steps to Reproduce: 1. Visit...
acp2sev 7.2.2 Cross Site Scripting
acp2sev version 7.2.2 suffers from a persistent cross site scripting vulnerability. Exploit Title: Self Stored XSS - acp2sev7.2.2 Date: 02/2025 Exploit Author: Andrey Stoykov Version: 7.2.2 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2025/02/friday-fun-pentest-series-19-self.htm...
CVE-2021-25990
In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe...