Lucene search
+L

7 matches found

Packet Storm
Packet Storm
added 2016/08/26 12:0 a.m.24 views

Zarafe CMS 1.0 Cross Site Request Forgery

Exploit Title : Zarafe CMS 1.0 / CSRF Rest Admin Password Exploit Author : Persian Hack Team Vendor Homepage : http://www.zarrafeh.net/ Category: Webapps Tested on: Win Version: 1.0 Date: 2016/08/27 PoC: Exploit codes: ================ Rest Admin Password The Code for zarafe.html is Zarafe CMS CS...

0.7AI score
Exploits0
0day.today
0day.today
added 2015/04/27 12:0 a.m.26 views

WordPress 4.2 - Stored XSS Vulnerability

Exploit for php platform in category web applications Overview Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed. If triggered by a logged-in administrator, unde...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2015/04/27 12:0 a.m.15 views

WordPress 4.2 - Persistent Cross-Site Scripting

WordPress 4.2 - Persistent Cross-Site Scripting Source: http://klikki.fi/adv/wordpress2.html Overview Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed. If...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2014/12/17 7:13 p.m.51 views

HackerOne: Reflected File Download

Info: Reflected File Download is a new web attack vector. It allows an attacker to craft a malicious file and present it to a victim, but there is no file present at the server. It was recently published at the BlackHat Eupore 2014 by Oren Hafif. Link to his presentation is given at the end...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2013/11/04 12:0 a.m.51 views

HOTBOX 2.1.11 CSRF / Traversal / Denial Of Service

+------------------------------------------------------------------------------+ | HOTBOX is the leading router/modem appliance of | | HOT Cable communication company in israel. | | The Appliance is manufactured by SAGEMCOM | | and carries the model name F@st 3184. |...

6.1CVSS0.1AI score0.04743EPSS
Exploits12
Kitploit
Kitploit
added 2013/08/29 1:15 a.m.104 views

[CookieCatcher] Session Hijacking Tool

CookieCatcher is an open source application which was created to assist in the exploitation of XSS Cross Site Scripting vulnerabilities within web applications to steal user session IDs aka Session Hijacking. The use of this application is purely educational and should not be used without proper...

6.5AI score
Exploits0References1
Packet Storm
Packet Storm
added 2011/04/15 12:0 a.m.37 views

TextAds 2.08 Cross Site Scripting

=========================================================================== TextAds 2.08 Script Cross Site Scripting Vulnerability =========================================================================== Name: TextAds 2.08 Script Cross Site Scripting Vulnerability Vendor:...

Exploits0
Rows per page
Query Builder