7 matches found
Textpattern CMS 4.9.0-dev Cross Site Scripting
Exploit Title: Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.9.0-dev Tested on: Windows Steps-To-Reproduce: 1. Login into...
Textpattern CMS 4.9.0-dev - (Excerpt) Persistent Cross-Site Scripting Vulnerability
Exploit Title: Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.9.0-dev Tested on: Windows Steps-To-Reproduce: 1. Login into...
Textpattern CMS 4.8.4 Cross Site Scripting
Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into...
Textpattern CMS 4.8.4 - (Comments) Persistent Cross-Site Scripting Vulnerability
Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into Textpattern CMS admin...
Local Services Search Engine Management System 1.0 SQL Injection
Exploit Title: Local Services Search Engine Management System LSSMES 1.0 - Blind & Error based SQL injection Authenticated Date: 2021-03-02 Exploit Author: Tushar Vaidya Vendor Homepage: https://phpgurukul.com/local-services-search-engine-management-system-using-php-and-mysql/ Software Link:...
Local Services Search Engine Management System (LSSMES) 1.0 - (name) XSS Vulnerability
Exploit Title: Local Services Search Engine Management System LSSMES 1.0 - 'name' Persistent Cross-Site Scripting XSS Exploit Author: Tushar Vaidya Vendor Homepage: https://phpgurukul.com/local-services-search-engine-management-system-using-php-and-mysql/ Software Link:...
Local Services Search Engine Management System (LSSMES) 1.0 - Blind & Error based SQL injection (Authenticated)
Exploit Title: Local Services Search Engine Management System LSSMES 1.0 - Blind & Error based SQL injection Authenticated Date: 2021-03-02 Exploit Author: Tushar Vaidya Vendor Homepage: https://phpgurukul.com/local-services-search-engine-management-system-using-php-and-mysql/ Software Link:...