1071 matches found
CVE-2017-5392
Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This...
Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver
Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver / nvDevice::SetAppSupportBits is external method 0x107 of the nvAccelerator IOService. It calls taskdeallocate without locking. Two threads can race calling this external method to drop two task references when on...
MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.0...
MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting
MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.0...
MyBB Recent Threads 1.0 Cross Site Scripting
Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.04 CVE: CVE-2018-11715 1. Description: Creates a page...
MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting
Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.04 CVE: CVE-2018-11715 1. Description: Creates a page...
CVE-2018-11715
The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject...
CVE-2018-11715
The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject...
Cross site scripting
The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject...
CVE-2018-11715
The CVE-2018-11715 entry corresponds to a cross-site scripting vulnerability in the MyBB Recent Threads plugin (pre-1.1). Affected component: MyBB Recent Threads plugin for MyBB; root cause: insufficient validation of user-submitted input in thread subjects, leading to XSS. Impact details in sour...
CVE-2018-11715
The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject...
MyBB Threads to Link plugin cross-site scripting vulnerability
MyBB aka MyBulletinBoard is a free and web-based forum software developed by the MyBB team using PHP and MySQL.Threads to Link plugin is a use in which a timeline link to add plug-ins. A cross-site scripting vulnerability exists in version 1.3 of the MyBB Threads to Link plugin, which stems from...
MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting
Exploit Title: MyBB Latest Posts on Profile Plugin v1.1 - Cross-Site Scripting Date: 4/20/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=914 Version: 1.1 Tested on: Ubuntu 17.10 CVE: CVE-2018-10580 1...
EulerOS 2.0 SP1 : python (EulerOS-SA-2018-1078)
According to the version of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and ...
Cross site scripting
An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized...
CVE-2018-10365
An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized...
CVE-2018-10365
An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized...
CVE-2018-10365
An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized...
CVE-2018-10365
CVE-2018-10365 affects the MyBB Threads to Link plugin for MyBB (v1.3). The vulnerability arises from improper sanitization of the Thread Link input during thread edits, enabling cross-site scripting (XSS). Connected sources confirm a persistent XSS PoC exists (Exploit-DB) and show a code fix sug...
Microsoft Windows 10: Create permanent shared objects
This user right determines which accounts can be used by processes to create a directory object by using the object manager. Directory objects include Active Directory objects, files and folders, printers, registry keys, processes, and threads. Users who have this capability can create permanent...