Search the Community
Showing results for tags 'site'.
Found 436 results
-
Exploits WordPress Add Mime Types 2.2.1 Cross Site Request Forgery
1337day-Exploits posted a topic in Updated Exploits
WordPress Add Mime Types plugin version 2.2.1 suffers from a cross site request forgery vulnerability. View the full article -
Neo Billing version 3.5 suffers from a persistent cross site scripting vulnerability. View the full article
-
Kimai version 2 suffers from a persistent cross site scripting vulnerability. View the full article
-
Exploits Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability. View the full article -
Exploits Open-Xchange OX Guard Cross Site Scripting / Signature Validation
1337day-Exploits posted a topic in Updated Exploits
Open-Xchange OX Guard versions 7.10.2 and below suffer from a cross site scripting vulnerability. Open-Xchange OX Guard versions 7.10.1 and below, 2.10.2 and below suffer from a signature validation vulnerability. View the full article -
Exploits WordPress Download Manager 2.5 Cross Site Request Forgery
1337day-Exploits posted a topic in Updated Exploits
WordPress Download Manager plugin version 2.5 suffers from a cross site request forgery vulnerability. View the full article -
WebKit suffers from a universal cross site scripting vulnerability via XSLT and nested document replacements. View the full article
-
Exploits BSI Advance Hotel Booking System 2.0 Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
BSI Advance Hotel Booking System version 2.0 suffers from a persistent cross site scripting vulnerability in booking_details.php. View the full article -
UNA version 10.0.0 RC1 suffers from a persistent cross site scripting vulnerability in polyglot.php. View the full article
-
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields leads to the execution of those queries. This can further lead to cookie stealing or other malicious actions. View the full article
-
Exploits osTicket 1.12 File Upload Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, the output is not handled properly, causing persistent XSS that leads to cookie stealing or malicious actions. View the full article -
Exploits Master Data Online 2.0 Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
Master Data Online version 2.0 suffers from a cross site scripting vulnerability. View the full article -
Exploits Adive Framework 2.0.7 Cross Site Request Forgery
1337day-Exploits posted a topic in Updated Exploits
Adive Framework version 2.0.7 suffers from a cross site request forgery vulnerability. View the full article -
Exploits Open-School 3.0 / Community Edition 2.3 Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
Open-School version 3.0 and Community Edition 2.3 suffers from a cross site scripting vulnerability. View the full article -
MapProxy version 1.11.0 suffers from a cross site scripting vulnerability. View the full article
-
Exploits Daily Expense Manager 1.0 Cross Site Request Forgery
1337day-Exploits posted a topic in Updated Exploits
Daily Expense Manager version 1.0 suffers from a cross site request forgery vulnerability. View the full article -
Exploits CentOS Control Web Panel 0.9.8.846 Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
CentOS Control Web Panel (CWP) version 0.9.8.846 suffers from a reflective cross site scripting vulnerability. View the full article -
Exploits 1CRM On-Premise Software 8.5.7 Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
1CRM On-Premise Software version 8.5.7 suffers from a persistent cross site scripting vulnerability. View the full article -
Exploits College Notes Management System 1.0 Cross Site Request Forgery
1337day-Exploits posted a topic in Updated Exploits
College Notes Management System version 1.0 suffers from a cross site request forgery vulnerability. View the full article -
Exploits Ultimate Loan Manager 2.0 Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
Ultimate Loan Manager version 2.0 suffers from a persistent cross site scripting vulnerability. View the full article -
Exploits Cisco Catalyst 3850 Series Device Manager 3.6.10E Cross Site Request Forgery
1337day-Exploits posted a topic in Updated Exploits
Cisco Catalyst 3850 Series Device Manager version 3.6.10E suffers from a cross site request forgery vulnerability. View the full article -
Exploits WordPress Simple Membership 3.8.4 Cross Site Request Forgery
1337day-Exploits posted a topic in Updated Exploits
WordPress Simple Membership plugin version 3.8.4 suffers from a cross site request forgery vulnerability. View the full article -
GigToDo versions 1.3 and below suffer from a persistent cross site scripting vulnerability. View the full article
-
Exploits WordPress Real Estate Theme 2.8.9 Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
WordPress Real Estate theme version 2.8.9 suffers from a cross site scripting vulnerability. View the full article -
Exploits Zurmo 3.2.6 Persistent Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
Zurmo version 3.2.6 suffers from a persistent cross site scripting vulnerability. View the full article
