10 matches found
EUVD-2018-20876
Malware in sbrugna...
Subsonic Media Server Cross-Site Scripting Vulnerability
Subsonic Media Server is a media file hosting platform. A cross-site scripting vulnerability in the podcast subscription form in Subsonic Media Server version 6.1.1 can be exploited by a remote attacker by sending the 'add' parameter to the podcastReceiverAdmin.view file to manipulate a user's...
CVE-2018-9282
An XSS issue was discovered in Subsonic Media Server 6.1.1. The podcast subscription form is affected by a stored XSS vulnerability in the add parameter to podcastReceiverAdmin.view; no administrator access is required. By injecting a JavaScript payload, this flaw could be used to manipulate a...
CVE-2018-9282
An XSS issue was discovered in Subsonic Media Server 6.1.1. The podcast subscription form is affected by a stored XSS vulnerability in the add parameter to podcastReceiverAdmin.view; no administrator access is required. By injecting a JavaScript payload, this flaw could be used to manipulate a...
Cross site scripting
An XSS issue was discovered in Subsonic Media Server 6.1.1. The podcast subscription form is affected by a stored XSS vulnerability in the add parameter to podcastReceiverAdmin.view; no administrator access is required. By injecting a JavaScript payload, this flaw could be used to manipulate a...
CVE-2018-9282
An XSS issue was discovered in Subsonic Media Server 6.1.1. The podcast subscription form is affected by a stored XSS vulnerability in the add parameter to podcastReceiverAdmin.view; no administrator access is required. By injecting a JavaScript payload, this flaw could be used to manipulate a...
CVE-2018-9282
CVE-2018-9282 concerns a stored XSS vulnerability in Subsonic Media Server 6.1.1. The issue affects the podcast subscription form via the add parameter to podcastReceiverAdmin.view, allowing an attacker to inject JavaScript without needing administrator access. This could be used to manipulate a ...
Subsonic 6.1.1 - Cross-Site Request Forgery Vulnerability
Exploit for windows platform in category web applications + Credits: John Page a.k.a hyp3rlinx Vendor: ================ www.subsonic.org Product: =============== subsonic v6.1.1 Subsonic is a media streaming server. You install it on your own computer where you keep your music or video collection...
Subsonic 6.1.1 - XML External Entity Injection Vulnerability
Exploit for windows platform in category local exploits + Credits: John Page a.k.a hyp3rlinx Vendor: ================ www.subsonic.org Product: =============== subsonic v6.1.1 Subsonic is a media streaming server. You install it on your own computer where you keep your music or video collection...
Subsonic 6.1.1 - Cross-Site Request Forgery / Cross-Site Scripting Vulnerabilities
Exploit for windows platform in category web applications + Credits: John Page a.k.a hyp3rlinx Vendor: ================ www.subsonic.org Product: =============== subsonic v6.1.1 Subsonic is a media streaming server. You install it on your own computer where you keep your music or video collection...