158 matches found
YUI < 2.9.0 Cross-site Scripting
According to its self-reported version number, YUI is prior to 2.9.0. Therefore, it may be affected by a cross-site scripting vulnerability in the addItem method in the Menu widget. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reporte...
YUI 2.4.0 < 3.0.0 Cross-site Scripting
According to its self-reported version number, YUI is at least 2.4.0 and prior to 3.0.0. Therefore, it may be affected by a cross-site scripting vulnerability via YUI .swf files. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...
YUI 3.0.0 < 3.10.1 Cross-site Scripting
According to its self-reported version number, YUI is at least 3.0.0 and prior to 3.10.1 or 3.10.2. Therefore, it may be affected by a cross-site scripting vulnerability via YUI io.swf file. Note that the scanner has not tested for these issues but has instead relied only on the application's...
YUI 3.10.2 Cross-site Scripting
According to its self-reported version number, YUI is at least 3.0.0 and prior to 3.10.1 or 3.10.2. Therefore, it may be affected by a cross-site scripting vulnerability via YUI io.swf file. Note that the scanner has not tested for these issues but has instead relied only on the application's...
YUI 3.5.0-PR1 < 3.5.1 Cross-site Scripting
According to its self-reported version number, YUI is at least 3.5.0-PR1 and prior to 3.5.1. Therefore, it may be affected by a cross-site scripting vulnerability involving the ARIA live region and text results. Note that the scanner has not tested for these issues but has instead relied only on...
YUI 3.0.0 < 3.10.0 Cross-site Scripting
According to its self-reported version number, YUI is at least 3.0.0 and prior to 3.10.0. Therefore, it may be affected by a cross-site scripting vulnerability via YUI .swf files used in the IO Utility and Uploader components. Note that the scanner has not tested for these issues but has instead...
YUI 2.4.0 < 2.8.2 Cross-site Scripting
According to its self-reported version number, YUI is at least 2.4.0 and prior to 2.8.2. Therefore, it may be affected by a cross-site scripting vulnerability via YUI .swf files. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...
SugarCRM Community Edition Cross-Site Scripting Vulnerability
SugarCRM Community Edition is an open source Customer Relationship Management CRM system from SugarCRM USA. The system supports differentiated marketing for different customer needs, managing and distributing sales leads, and enabling information sharing and tracking of sales representatives. A...
CVE-2018-17784
Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on a targeted system...
CVE-2018-17784
Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on a targeted system...
Cross site scripting
Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on a targeted system...
CVE-2018-17784
CVE-2018-17784: SugarCRM Community Edition 6.5.26 contains multiple XSS vulnerabilities in YUI/FlashCanvas, via components such as uploader.swf, io.swf and flashcanvas.swf. An unauthenticated, remote attacker can inject arbitrary web scripts on a target system. Evidence across sources confirms th...
Cross-site Scripting (XSS)
Moodle is vulnerable to cross-site scripting XSS attacks. These attacks are possible through the io.swf component of Yahoo! YUI used within Moodle...
Cross-Site Scripting
Overview Affected versions of yui are vulnerable to cross-site scripting in the uploader.swf and io.swf utilities, via script injection in the url. Recommendation YUI has published their recommendation to fix this issue. Their recommendation is to: - Delete self-hosted copies of these files if yo...
VBScan 0.1.4 - Black Box vBulletin Vulnerability Scanner
VBScan is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them. Why VBScan ? If you want to do a penetration test on a vBulletin Forum, VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBullet...
QIWI: [rubm.qiwi.com] Yui charts.swf XSS
Yui charts.swf XSS...
Cisco Ironport AsyncOS Cross Site Scripting
Cisco Ironport AsyncOS Cross Site Scripting Vendor: Cisco Product webpage: http://www.cisco.com Affected versions: Cisco Ironport ESA - AsyncOS 8.0.1-023 Cisco Ironport WSA - AsyncOS 8.5.5-022 Cisco Ironport SMA - AsyncOS 8.4.0-126 Date: 24/02/2015 Credits: Glafkos Charalambous CVE: CVE-2013-6780...
YUI Images Script Shell Upload Vulnerability
No description provided by source. Title: YUI Images Script Shell Upload Vulnerability Version: 1.0 Author: Mr.P3rfekT Software Link: http://momche.net/res/YUI-upload/html/momche-yui-upload.zip Tested on Lunix CVE : N/A Founded By Mr.P3rfekT Helllo Allz Exploit : http://127.0.0.1/YUI-upload/html...
Acunetix Web Vulnerability Scanner Version 9 - Web Application Security Testing Tool
Acunetix W eb V ulnerability S canner WVS is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive...
vBulletin YUI 2.9.0 Cross Site Scripting
Author: TUNISIAN CYBER + Exploit Title: vBulletin YUI 2.9.0 Cross Site Scripting vulnerability + Date: 09-01-2014 + Category: WebApp + Google Dork: :inurl:"clientscript/yui/uploader/assets/" + Tested on: KaliLinux + Friend's blog: www.na3il.com +Description: YUI is a free, open source JavaScript...