7 matches found
PT-2025-38233
Name of the Vulnerable Software and Affected Versions: CISA Thorium versions prior to 1.1.2 Description: CISA Thorium does not validate TLS certificates when connecting to Elasticsearch. This allows an unauthenticated attacker with access to a Thorium cluster to impersonate the Elasticsearch...
LayerBB 1.1.1 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: LayerBB 1.1.1 - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=26 Version: 1.1.1 Tested on: Ubuntu 18.04 CVE: CVE-2018-17997 1...
LayerBB 1.1.1 - Persistent Cross-Site Scripting
Exploit Title: LayerBB 1.1.1 - Cross-Site Scripting Date: 10/4/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=26 Version: 1.1.1 Tested on: Ubuntu 18.04 CVE: CVE-2018-17997 1. Description: LayerBB is a free open-source...
LayerBB 1.1.1 Cross Site Scripting
Exploit Title: LayerBB 1.1.1 - Cross-Site Scripting Date: 10/4/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=26 Version: 1.1.1 Tested on: Ubuntu 18.04 CVE: CVE-2018-17997 1. Description: LayerBB is a free open-source...
WoltLab Burning Board 4.0 Tapatalk Cross Site Scripting
Advisory: Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0 RedTeam Pentesting discovered a cross-site scripting (XSS) vulnerability in the Tapatalk plugin for the WoltLab Burning Board forum software, which allows attackers to inject arbitrary JavaScript code via URL parameters...
eduTrac 1.1.1-Stable Path Traversal Vulnerability
Exploit for php platform in category web applications Product: eduTrac Vendor: 7 Media Web Solutions, LLC. Vulnerable Versions: 1.1.1-Stable and probably prior Tested Version: 1.1.1-Stable Advisory Publication: December 11, 2013 without technical details Vendor Notification: December 11, 2013...
PT-2013-1801 · Red Hat · Aeolus Configuration Server
Name of the Vulnerable Software and Affected Versions: Aeolus Configuration Server versions prior to 1.1.2 Description: The issue concerns the aeolus-configserver-setup in the Aeolus Configuration Server, which is used in Red Hat CloudForms Cloud Engine. It uses world-readable permissions for a...