17 matches found
EUVD-2019-0420
Malware in sbrugna...
EUVD-2020-29884
Malware in sbrugna...
EUVD-2018-3017
Malware in sbrugna...
EUVD-2001-0840
Malware in sbrugna...
EUVD-2025-13360
Malicious code in bioql PyPI...
CVE-2023-36288
An unauthenticated Cross-Site Scripting XSS vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and then impersonate that user via GET configure parameter...
Glovo: Moodle XSS on evolve.glovoapp.com
Cross Site Scripting XSS / Moodle XSS Summary : Cross-site scripting XSS is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by...
CVE-2020-9055
Versiant LYNX Customer Service Portal CSP, version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to insert malicious JavaScript that is stored and displayed to the end user. This could lead to website redirects, session cookie hijacking, or...
CVE-2020-9055
Versiant LYNX CSP 3.5.2 is vulnerable to stored cross-site scripting due to insufficient input validation, enabling a local, authenticated attacker to inject JavaScript that is stored and executed for end users (possible redirects, session cookie hijacking, information disclosure). The issue is d...
WordPress W3 Total Cache 0.9.4.1 Race Condition
------------------------------------------------------------------------ Information disclosure race condition in W3 Total Cache WordPress Plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...
CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS
No description provided by source. 恶意用户可以修改项目文件夹描述进行XSS攻击和HTML注入(添加链接、图片和按钮等)。 因为项目文件夹时被不同用户共享,该漏洞可以用来抓取会话cookie。 创建一个项目文件夹并添加下面的描述(根据版本修改特定路径):...
Design/Logic Flaw
IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a security test that sends session cookies to a specific external server, which allows man-in-the-middle attackers to hijack the test account by capturing these cookies...
You! Hostit! Cross Site Scripting
view source print? andresg888 Contact : andresg8884tgmaildotcom Web: : www.ilegalintrusion.net & www.bl4ck-p0rtal.org Dork : No DoRk f0R ScRipT KiDDieS Example:...
Maxwebportal 1.30 - search.asp?Search Cross-Site Scripting
Maxwebportal 1.30 - search.asp?Search Cross-Site Scripting source: https://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site...
Maxwebportal 1.30 - 'search.asp?Search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site scripting vulnerability. An attacker may execute arbitrary scri...
Multiple webmin bugs
Crossite scripting, session cookie hijacking...
CVE-2001-0857
Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter...