A Cart 2.0 Database Disclosure

==================================================================================================================================== | Title : A cart 2.0 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | | Vendor...

A Cart 1.0 Database Disclosure

==================================================================================================================================== | Title : A cart 1.0 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | | Vendor...

CVE-2023-2490

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fernando Briano UserAgent-Spy plugin = 1.3.1 versions...

CVE-2023-2490

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fernando Briano UserAgent-Spy plugin = 1.3.1 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fernando Briano UserAgent-Spy plugin = 1.3.1 versions...

CVE-2023-2490

CVE-2023-2490 affects the WordPress plugin UserAgent-Spy (Fernando Briano)

CVE-2023-2490 WordPress UserAgent-Spy Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fernando Briano UserAgent-Spy plugin = 1.3.1 versions...

CVE-2023-2490 WordPress UserAgent-Spy Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fernando Briano UserAgent-Spy plugin = 1.3.1 versions...

WordPress plugin UserAgent-Spy 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2023-19833 · Fernando Briano · Useragent-Spy

Name of the Vulnerable Software and Affected Versions: Fernando Briano UserAgent-Spy plugin versions prior to 1.3.1 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects users with admin+ authentication. This type of vulnerability allows an attacker to...

UserAgent-Spy <= 1.3.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress UserAgent-Spy Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software UserAgent-Spy Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2490 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7a32663f704c Credits Yash Kanchhal Required...

NETGEAR SRX5308 跨站脚本漏洞

The NETGEAR SRX5308 is a VPN firewall appliance from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR SRX5308 version 4.3.5-3 and prior versions, which stems from cross-site scripting due to incorrect manipulation of the parameter Login.userAgent...

SUSE CVE-2008-1167

Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obtained from third party information...

WordPress Slider Revolution 4.6.5 Shell Upload

==================================================================================================================================== | Title : WordPress - Slider Revolution 4.6.5 WordPress - Slider Revolution 4.6.5 shell upload 0-day exploit | | Author : indoushka | | Tested on : windows 10...

CVE-2022-23496

Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...

CVE-2022-23496

Vulnerability summary (CVE-2022-23496, Yauaa) : The Java library Yauaa can crash when using the Client Hints analysis feature introduced with version 7.0.0 due to an ArrayIndexOutOfBoundsException. This affects applications that enable Client Hints analysis; those not using this feature are not a...

CVE-2022-23496 A crafted list can trigger a ArrayIndexOutOfBoundsException in Yauaa

Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...

Yauaa 安全漏洞

Yauaa is a java library from the personal developer Niels Basjes. It is used for UserAgent analysis. A security vulnerability exists in Yauaa, which stems from its introduction of a client-side hint analysis feature that causes applications to crash when the Yauaa library throws an...

Malicious code in useragent-corev2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d6e212f2c61f9a29fd610a2668235854bd6c1a991cc52985782f710b2e33398 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...