CVE-2024-40069

Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting XSS via idgenerator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'...

CVE-2024-12815

The Point Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pointmaker' shortcode in all versions up to, and including, 0.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-7358

A vulnerability was found in Point B Ltd Getscreen Agent 2.19.6 on Windows. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file getscreen.msi of the component Installation. The manipulation leads to creation of temporary file with insecure...

MercadoLibre: Es posible poder navegar a cualquier pagina en Point Smart application

The vulnerability allowed users to navigate outside the intended application environment through a link in the Point Smart application...

Linux heap overflow of Fastbin Attack examples detailed explanation-vulnerability warning-the black bar safety net

1. Summary In recent years the large CTF game, see a lot of times pwn the category title appears in the fastbin attack of the case, such as this year's defcon, the RCTF, the fat Hubble Cup, 0CTF final, etc., fastbin attack is a heap exploits are common, easy-to-use and effective attack, in the...

Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting

Exploit Title: Ultrabenosaurus ChatBoard - Stored XSS Date: 2016-06-14 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ultrabenosaurus.ninja/ Software Link: https://github.com/Ultrabenosaurus/ChatBoard/archive/master.zip Tested on: Debian wheezy Vulnerability...