Showing 1 - 2 of 2

CVE-2021-33570

Status Candidate

Overview

Postbird 0.8.4 allows stored XSS via the onerror attribute of an IMG element in any PostgreSQL database table. This can result in reading local files via vectors involving XMLHttpRequest and open of a file:/// URL, or discovering PostgreSQL passwords via vectors involving Window.localStorage and savedConnections.

Related Files

Postbird 0.8.4 XSS / LFI / Insecure Data Storage: Posted Jun 1, 2021; Authored by Tridentsec | Site tridentsec.io; Postbird version 0.8.4 suffers from cross site scripting, local file inclusion, and insecure data storage vulnerabilities. Included in this archive is a whitepaper and proof of concept exploit.; tags | exploit, local, vulnerability, xss, proof of concept, file inclusion; advisories | CVE-2021-33570; SHA-256 | 2fe1bba3a63538bc31c8f324c6075a4d7a94d198f0d2cc9c21a732f03fedcf03; Download | Favorite | View

Postbird 0.8.4 Cross Site Scripting / Local File Inclusion: Posted May 27, 2021; Authored by Debshubra Chakraborty; Postbird version 0.8.4 suffers from a javascript injection vulnerability that allows for cross site scripting and local file inclusion.; tags | exploit, local, javascript, xss, file inclusion; advisories | CVE-2021-33570; SHA-256 | a50f986fffa593ec901590f6e7af89c7caa33805339e420f6058a47850eb4854; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 256 files
Ubuntu 87 files
Gentoo 31 files
Debian 19 files
tmrswrr 8 files
Sina Kheirkhah 7 files
Rodolfo Tavares 4 files
bRpsd 3 files
nu11secur1ty 3 files
h00die-gr3y 2 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,448)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,344)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,672)
UNIX (9,427)
UnixWare (187)
Windows (6,666)
Other

CVE-2021-33570

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems