632 matches found
Technicolor TC7337 - SSID Persistent Cross-Site Scripting
Technicolor TC7337 - SSID Persistent Cross-Site Scripting // Device : Technicolor TC7337 // Vulnerable URL : https://your.rou.ter.ip/wlscanresults.html // XSS through SSID : ' Exactly 32 bytes uu // ^ // 5char domains are running | 'src' does not requires quotes , and passing the URL with ony '//...
Technicolor TC7337 - SSID Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications // Device : Technicolor TC7337 // Vulnerable URL : https://your.rou.ter.ip/wlscanresults.html // XSS through SSID : ' Exactly 32 bytes uu // ^ // 5char domains are running | 'src' does not requires quotes , and passing the URL with ony '//' //...
WebKit CachedFrameBase::restore Universal Cross Site Scripting
WebKit: UXSS via CachedFrameBase::restore This is similar to the case https://bugs.chromium.org/p/project-zero/issues/detail?id=1151. But this time, javascript handlers may be fired in FrameLoader::open. void FrameLoader::openCachedFrameBase& cachedFrame ... cleardocument, true, true,...
WebKit - 'CachedFrameBase::restore' Universal Cross-Site Scripting
Click anywhere... function createURLdata, type = 'text/html' return URL.createObjectURLnew Blobdata, type: type; function navigatew, url let a = w.document.createElement'a'; a.href = url; a.click; window.onclick = = window.w = open'about:blank', 'w', 'width=500, height=500'; let i0 =...
WebKit WebCore::toJS Use-After-Free
WebKit: WebCore::toJS use-after-free CVE-2017-2476 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: ================================================================= function freememory var a; forvar i=0;i...
Debian DLA-859-1 : calibre security update
It was found that a JavaScript present in the book can access files on the computer using XMLHttpRequest. For Debian 7 'Wheezy', these problems have been fixed in version 0.8.51+dfsg1-0.1+deb7u1. We recommend that you upgrade your calibre packages. NOTE: Tenable Network Security has extracted the...
Files.com: CSRF @ configuration
Enter the support PIN from your test site if applicable: Enter the name of your test site if applicable: gaming2 Enter the subdomain from your test site if applicable: gaming2 Fill in the rest of your report below: ---- Greeting guys , i found a CSRF Bug at the configuration - General form in all...
Apple macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution Arbitrary File Read
Apple macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution Arbitrary File Read / OSX: HelpViewer XSS leads to arbitrary file execution and arbitrary file read. HelpViewer is an application and using WebView to show a help file. You can see it simply by the command: open...
Horos 2.1.0 Cross Site Scripting Vulnerability
Exploit for macOS platform in category dos / poc Horos 2.1.0 Web Portal DOM Based XSS Vendor: Horos Project Product web page: https://www.horosproject.org Affected version: 2.1.0 Summary: HorosaC/ is an open-source, free medical image viewer. The goal of the Horos Project is to develop a fully...
XFINITY Gateway Technicolor DPC3941T Cross Site Request Forgery
Exploit Title: CSRF XFINITY Gateway product Technicolorpreviously Cisco DPC3941T Date: 12/12/2016 Exploit Author: Ayushman Dutta Version: dpc3941-P20-18-v303r20421733-160413a-CMCST CVE : CVE-2016-7454 The Device DPC3941T is vulnerable to CSRF and has no security on the entire admin panel for it...
CNDSOFT 2.3 Cross Site Request Forgery / Shell Upload
========================================================================================================= Exploit Title: CNDSOFT 2.3 - Arbitrary File Upload with CSRF shell.php Author: Besim Google Dork: - Date: 19/10/2016 Type: webapps Platform : PHP Vendor Homepage: - Software Link:...
Subrion CMS 4.0.5 - Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting
Exploit Title: Subrion CMS 4.0.5 - CSRF Bypass to Persistent XSS and Add-Admin Date: 15-10-2016 Software Link: http://www.subrion.org/download/ Vendor: http://www.subrion.org Google Dork: "Powered by Subrion CMS" Exploit Author: Ahsan Tahir Contact: https://twitter.com/AhsanTahirAT |...
ApPHP MicroBlog 1.0.2 Cross Site Request Forgery
Exploit Title : ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery Add New Author Author : Besim Google Dork : Date : 12/10/2016 Type : webapps Platform : PHP Vendor Homepage : - Software link : http://www.scriptdungeon.com/jump.php?ScriptID=9162 CSRF PoC function submitRequest var xhr = new...
phpEnter 4.2.7 Cross Site Request Forgery
function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "http://sitename/path/addnews.php", true; xhr.setRequestHeader"Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8"; xhr.setRequestHeader"Accept-Language", "en-US,en;q=0.5"; xhr.setRequestHeader"Content-Type"...
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery Add New Author Exploit Title : ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery Add New Author Author : Besim Google Dork : Date : 12/10/2016 Type : webapps Platform : PHP Vendor Homepage : - Software link :...
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
Exploit Title : ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery Add New Author Author : Besim Google Dork : Date : 12/10/2016 Type : webapps Platform : PHP Vendor Homepage : - Software link : http://www.scriptdungeon.com/jump.php?ScriptID=9162 CSRF PoC function submitRequest var xhr = new...
Microsoft Internet Explorer 11 CORS Disrespect
IE11 is not following CORS specification for local files like Chrome and Firefox. I've contacted Microsoft and they say this is not a security issue so I'm sharing it. From my tests IE11 is not following CORS specifications for local files as supposed to be. In order to prove I've created a...
Use-after-free in service workers with nested sync events — Mozilla
Security researcher Looben Yang discovered a use-after-free vulnerability when working with nested sync event loops in Service Workers. He discovered a mechanism where scripts can close their own worker, which will then trigger a synchronization XMLHttpRequest on this now closed and released...
Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting
Exploit Title: Ultrabenosaurus ChatBoard - Stored XSS Date: 2016-06-14 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ultrabenosaurus.ninja/ Software Link: https://github.com/Ultrabenosaurus/ChatBoard/archive/master.zip Tested on: Debian wheezy Vulnerability...
Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting
Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting Exploit Title: Ultrabenosaurus ChatBoard - Stored XSS Date: 2016-06-14 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ultrabenosaurus.ninja/ Software Link:...