12 matches found
Automattic: GET /api/v2/url_info endpoint is vulnerable to Blind SSRF
Summary: GET /api/v2/urlinfo endpoint is vulnerable to Blind SSRF. I am able to hit both Internal and External services via url parameter by replacing with internal and external url. Platforms Affected: https://www.tumblr.com/ Steps To Reproduce: 1. Login to https://www.tumblr.com/ 2. Follow any...
Adobe Acrobat and Reader Security bypass (APSB18-02: CVE-2018-4872)
This vulnerability is a security bypass vulnerability that leads to the Acrobat Reader sandbox escape. In this case, the cross call from the sandbox process to the embedded Internet Explorer process allows opening of a URL without a prompt for certain URLs. Due to the vulnerability, it is possibl...
TypeSetter CMS 5.1 Host Header Injection
Exploit Title: TypeSetter CMS 5.1 Host Header Injection Date: 10-02-2018 Exploit Author: Navina Asrani Contact: https://twitter.com/NavinaSanjay Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://www.typesettercms.com/ Version: 5.1 CVE : NA Category: Webapp CMS 1. Description...
Uber: Text Only Content Spoofing on ubermovement.com Community Page
Text Only Content Spoofing on ubermovement.com Community Page Vulnerable URL: http://ubermovement.com/community?tag=%20Stories%20have%20false%20information.%20Visit%20http://attacker.com%20for%20real%20stories. Content Spoofing is an attack technique that allows an attacker to inject a malicious...
OLX: Cross Site Scripting -> Reflected XSS
Steps:- 1. Go to http://www.olx.ba/pretraga?trazilica="PAYLOAD" 2.Payload :- "onmousemove=alert"XSSBYJASHWANTH" " 3. You will get Pop up 4. If the script should be trusted or not, it will execute the script in the user context allowing the attacker to access any cookies or session tokens retained...
LearnVest Cross Site Scripting
Exploit Title: LearnVest Web Application - Stored Cross-Site Scripting XSS Date: 07/04/16 Exploit Author: Omkar Joshi Vendor Homepage: https://www.learnvest.com Version: Latest Contacted Vendor Date: 07/04/16 Affected URL:- https://www.learnvest.com/mylv/money//settings/account My Profile Attack...
Manage Engine Desktop Central 9.1.0 Build 91099 XSS
Overview----------------------------------------------------------------------------------------------------------------------------- Vendor: Manage Engine Vulnerable Product: Desktop Central v.9.1.0 Build 91099 Vulnerability Type : Reflected Cross Site Scripting Vulnerability Vulnerable Version ...
Netwin SurgeFTP Sever 23d6 - Stored Cross Site Scripting Vulnerabilities
Exploit for windows platform in category web applications Exploit Netwin SurgeFTP Sever Stored Cross Site Scripting Vulnerabilities Date: 11/18/2015 Exploit Author: UnN0n Vendor: NetWin Software Link: http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgeftp Version: 23d6 Tested on:...
Netwin SurgeFTP Sever 23d6 - Persistent Cross-Site Scripting
Exploit Netwin SurgeFTP Sever Stored Cross Site Scripting Vulnerabilities Date: 11/18/2015 Exploit Author: UnN0n Vendor: NetWin Software Link: http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgeftp Version: 23d6 Tested on: Windows 7 x6464bit Info Surgeftp web-interface suffers wit...
Netwin SurgeFTP Sever 23d6 - Persistent Cross-Site Scripting
Netwin SurgeFTP Sever 23d6 - Persistent Cross-Site Scripting Exploit Netwin SurgeFTP Sever Stored Cross Site Scripting Vulnerabilities Date: 11/18/2015 Exploit Author: UnN0n Vendor: NetWin Software Link: http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgeftp Version: 23d6 Tested o...
ChillyCMS 1.1.3 - Multiple Vulnerabilities
ChillyCMS 1.1.3 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content...
SoftMaker Shop is vulnerable to XSS
Inputs in the SoftMaker Shop is not properly sanitized, and XSS is possible in a lot of the systems input fields and url parameters. Some fields have been filtered in a basic form, so that simple scripting like "scriptalert'XSS'/script" is not possible. However, since the filtering is not based o...