8 matches found
JobCareer < 2.5.1 - Authenticated Stored Cross-Site Scripting
Bad input fields data filtering has been discovered in the 'JobCareer | Job Board Responsive WordPress Theme'. http://jobcareer.chimpgroup.com/candidate/asdasdasdasdasd/ Register a new account on the demo website: http://jobcareer.chimpgroup.com/ , then go to the «Resume» profile tab:...
AudioCode 400HD Cross Site scripting Vulnerability
Exploit for cgi platform in category web applications CVE-2018-10091 Stored XSS vulnerabilities in AudioCode IP phones Description The AudioCodes 400HD series of IP phones is a range of easy-to-use, feature-rich desktop devices for the service provider hosted services, enterprise IP telephony and...
Dreamhack XSS / User Enumeration
Hi guys! After various months persuading the guys at Dreamhack to fix a series of issues in their websites without success I have decided to publish the vulnerabilities in the hope the comunity will be aware of them an avoid them. The date was chosen because today it's the opening of the Dreamhac...
Ruby on Rails Patches DoS, XSS Vulnerabilities
The developers of Ruby on Rails, the popular web app framework, released four new versions of the product yesterday, complete with fixes for a series of vulnerabilities that could have lead to denial of service attacks and XSS injections. Four vulnerabilities in total are addressed in versions...
[email protected], [email protected], [email protected]
Digital Security Research Group DSecRG Advisory DSECRG-08-016 Application: Jinzora Media Jukebox Versions Affected: 2.7.5 Vendor URL: http://www.jinzora.com/ Bugs: Multiple XSS Injections Exploits: YES Reported: 04.02.2008 Second report: 12.02.2008 Vendor response: NONE Date of Public Advisory:...
[DSECRG-08-011 | FIX INFORMATION] Astrosoft HelpDesk Multiple XSS
Digital Security Research Group DSecRG Advisory DSECRG-08-011 | FIX INFORMATION Application: Astrosoft HelpDesk Versions Affected: 1.95.228 Vendor URL: http://astrosoft.ru/ Bugs: Multiple XSS Injections Exploits: YES Reported: 29.01.2008 Date of Public Advisory: 04.02.2008 Vendor response:...
BitDefender Online Scanner 8 ActiveX Heap Overflow Exploit
Exploit for unknown platform in category remote exploits ========================================================== BitDefender Online Scanner 8 ActiveX Heap Overflow Exploit ==========================================================...
CVE-2002-2343
Cross-site scripting XSS vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages...