36 matches found
CVE-2019-7335
Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Log Message' value on the web page without applying any proper filtration. This relates to the view=logs value...
EUVD-2018-13419
Malware in sbrugna...
EUVD-2021-12815
Malware in sbrugna...
EUVD-2016-1777
Malware in sbrugna...
EUVD-2016-1821
Malware in sbrugna...
EUVD-2016-1776
Malware in sbrugna...
EUVD-2021-1378
Malware in sbrugna...
EUVD-2016-1772
Malware in sbrugna...
EUVD-2019-16878
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-7335
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Lo...
Linux Distros Unpatched Vulnerability : CVE-2019-7352
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view 'state' aka Run State state.php does no input validation to the value...
Linux Distros Unpatched Vulnerability : CVE-2019-7345
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view 'options' options.php does no input validation for the WEBTITLE, HOMEURL...
CVE-2018-20881
cPanel before 74.0.8 allows self stored XSS on the Security Questions login page SEC-446...
CVE-2019-17379
cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface SEC-527...
CVE-2016-10827
cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences SEC-96...
CVE-2016-10778
cPanel before 60.0.25 allows self stored XSS in the listftpstable API SEC-178...
acp2sev 7.2.2 Cross Site Scripting Vulnerability
Exploit Title: Self Stored XSS - acp2sev7.2.2 Date: 02/2025 Exploit Author: Andrey Stoykov Version: 7.2.2 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2025/02/friday-fun-pentest-series-19-self.html Self Stored XSS 1: Steps to Reproduce: 1. Visit...
acp2sev 7.2.2 Cross Site Scripting
acp2sev version 7.2.2 suffers from a persistent cross site scripting vulnerability. Exploit Title: Self Stored XSS - acp2sev7.2.2 Date: 02/2025 Exploit Author: Andrey Stoykov Version: 7.2.2 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2025/02/friday-fun-pentest-series-19-self.htm...
CVE-2021-25990
In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe...
GHSA-Q6W2-89HQ-HQ27 keycloak Self Stored Cross-site Scripting vulnerability
A flaw was found in keycloak in versions before 13.0.0. A Self Stored XSS attack vector escalating to a complete account takeover is possible due to user-supplied data fields not being properly encoded and Javascript code being used to process the data. The highest threat from this vulnerability ...