the original cloud security
Showing 1 - 25 of 15,076 RSS Feed

XSS Files

PEGA Platform 7.2 ML0 Missing Access Control / Cross Site Scripting
Posted Jul 17, 2017
Authored by Daniel Correa

PEGA Platform versions 7.2 ML0 and below suffer from missing access control and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2017-11355, CVE-2017-11356
MD5 | 938c5f42465df06a9e5c4c2fc3e83ed2
Orangescrum 1.6.1 File Upload / Cross Site Scripting
Posted Jul 17, 2017
Authored by tomplixsee

Orangescrum version 1.6.1 suffers from cross site scripting and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, xss, file upload
MD5 | 9693daf187246491e666ce159587cc45
Vodafone Italia Webmail Cross Site Scripting
Posted Jul 13, 2017
Authored by theMiddle

Vodafone Italia's webmail system suffers from a cross site scripting vulnerability that can be leveraged via an incoming email.

tags | exploit, xss
MD5 | d0d7db3a1272f4db6715ac4f88d6f69f
Apache Open Meetings 3.2.0 Cross Site Scripting
Posted Jul 13, 2017
Authored by Security Innovation

Apache Open Meetings version 3.2.0 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2017-7663
MD5 | 9e8232ac589f00d065c50a41985205d0
Sitecore CMS 8.2 Cross Site Scripting / File Disclosure
Posted Jul 13, 2017
Authored by Usman Saeed

Sitecore CMS version 8.2 suffers from cross site scripting and file disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
MD5 | 4858233c0ae712bdc0b065aba7a0cab1
RSA Authentication Manager 8.2 SP1 Cross Site Scripting
Posted Jul 13, 2017
Site emc.com

RSA Authentication Manager versions 8.2 SP1 and below suffer from a stored cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2017-8000
MD5 | ae44f3bc0782d5d9b8cbf572c21a6d09
RSA Identity Governance And Lifecycle File Upload / XSS
Posted Jul 13, 2017
Site emc.com

Multiple RSA Identity Governance and Lifecycle products suffer from remote file upload and cross site scripting vulnerabilities. Affected products include RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels, RSA Via Lifecycle and Governance version 7.0, all patch levels, and RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels.

tags | advisory, remote, vulnerability, xss, file upload
advisories | CVE-2017-8004, CVE-2017-8005
MD5 | e4d5560e1af72698b914df2a682e9f6b
Red Hat Security Advisory 2017-1739-01
Posted Jul 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1739-01 - OpenStack Dashboard provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. Security Fix: A cross-site scripting flaw was discovered in the OpenStack dashboard which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard.

tags | advisory, remote, xss
systems | linux, redhat
advisories | CVE-2017-7400
MD5 | 95af0406275f158f0085ef9a2ede7899
AGFEO Smart Home ES 5xx / 6xx Authentication Bypass / XSS / Hardcoded Credentials
Posted Jul 12, 2017
Authored by T. Weber | Site sec-consult.com

AGFEO Smart Home ES 5xx / 6xx versions 1.9b and 1.10 suffers from authentication bypass, cross site scripting, and hard-coded private key vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | d8b060c4416bc13adecea2847e56ea96
ObjectPlanet Opinio 7.6.3 Cross Site Scripting
Posted Jul 12, 2017
Authored by Kasper Karlsson

ObjectPlanet Opinio versions 7.6.3 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-10798
MD5 | 2c6e538a5255abbbe63a715b422d9339
RaidenHTTPD 2.0.44 User-Agent Cross Site Scripting
Posted Jul 12, 2017
Authored by sultan albalawi

RaidenHTTPD version 2.0.44 suffers from a cross site scripting vulnerability via the user-agent header.

tags | exploit, xss
MD5 | 280b6748678ae5a593570faa3573d0a8
HP Security Bulletin HPESBGN03762 1
Posted Jul 11, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03762 1 - Potential security vulnerabilities have been identified in HPE Network Node Manager i. The vulnerabilities could be remotely exploited to allow bypass security restrictions, cross-site scripting (XSS), and/or URL redirection. Revision 1 of this advisory.

tags | advisory, vulnerability, xss
advisories | CVE-2017-8948
MD5 | 0381a18a7544fb7fb594274929cf5fe3
Shenzhen C-Data CD7201 Command Injection / Cross Site Scripting
Posted Jul 11, 2017
Authored by Codex Lynx

Shenzhen C-Data CD7201 with software version 2.4.6b and firmware version 7.1.0 suffer from authentication bypass, command injection, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 2f2406c1fed6720250bfb64cda0f49c8
Rise Ultimate Project Manager 1.8 Cross Site Scripting
Posted Jul 10, 2017
Authored by 8bitsec

Rise Ultimate Project Manager version 1.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 777631a23b625f4d7d95e352bf19262c
Pulse Connect Secure 8.3R1 CSRF / XSS
Posted Jul 10, 2017
Authored by sxcurity | Site insecurity.zone

Pulse Connect Secure version 8.3R1 suffer from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | f881d55ec2c771f14be93daa0a0887bf
Yaws 2.0 Cross Site Scripting
Posted Jul 4, 2017
Authored by sultan albalawi

Yaws server version2.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | e8a85c148e887e014427c7e9c438d040
Xenforo Forum CMS 1.5.13 Cross Site Scripting
Posted Jul 3, 2017
Authored by Project Insecurity, MLT | Site insecurity.zone

Xenforo Forum CMS version 1.5.13 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4049540e25d622043fb619c1860d275b
Webmin 1.840 Cross Site Scripting
Posted Jul 3, 2017
Authored by Andy Tan

Webmin version 1.840 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-9313
MD5 | bb51602cc1da9c4e34fe8d5f821ccdd0
Humax Digital HG100R 2.0.6 XSS / Information Disclosure
Posted Jul 3, 2017
Authored by The Gambler

Humax Digital HG100R version 2.0.6 suffers from backup disclosure, root credential disclosure, and cross site scripting vulnerabilities.

tags | exploit, root, vulnerability, xss, info disclosure
advisories | CVE-2017-7315, CVE-2017-7316
MD5 | d929ed2b472ae8a416c2a4ab898c7996
RSA Archer GRC 6.2.0.2 CSRF / XSS / Bypass / Open Redirect
Posted Jul 1, 2017
Site emc.com

RSA Archer GRC version 6.2.0.2 suffers from bypass, cross site request forgery, information disclosure, open redirection, and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure, csrf
advisories | CVE-2017-4998, CVE-2017-4999, CVE-2017-5000, CVE-2017-5001, CVE-2017-5002
MD5 | 6cf471214abe6297b8b4c071b0aa43fd
Microsoft Dynamic CRM 2016 Cross Site Scripting
Posted Jun 30, 2017
Authored by Gregory Draperi

Microsoft Dynamic CRM 2016 versions SP1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6edb82874ea081b8edfc3b1e81d10c4d
Trihedral VTScada DoS / XSS / Information Disclosure
Posted Jun 30, 2017
Authored by Karn Ganeshen

Trihedral VTScada versions prior to 11.2.26 suffer from resource consumption, cross site scripting, and information disclosure vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure
MD5 | cb976665ca752634c866774df96acaff
Kaspersky Anti-Virus File Server 8.0.3.297 XSS / CSRF / Code Execution
Posted Jun 29, 2017
Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Kaspersky Anti-Virus for Linux File Server version 8.0.3.297 suffers from remote code execution, cross site request forgery, cross site scripting, security bypass, information disclosure, and path traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, virus, xss, info disclosure, csrf
systems | linux
advisories | CVE-2017-9810, CVE-2017-9811, CVE-2017-9812, CVE-2017-9813
MD5 | 834309bd7c681fce682800c2b27a31c0
Red Hat Security Advisory 2017-1598-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1598-01 - OpenStack Dashboard provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. The following packages have been upgraded to a later upstream version: python-django-horizon. Security Fix: A cross-site scripting flaw was discovered in the OpenStack dashboard which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard.

tags | advisory, remote, xss, python
systems | linux, redhat
advisories | CVE-2017-7400
MD5 | 81bf98fb7034529dc78cf4721c28a1f4
PHPMailer Cross Site Scripting
Posted Jun 25, 2017
Authored by Shahab Shamsi

PHPMailer versions prior to 5.2.23 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 805a38cbb28d9f509ff048255eec6de7
Page 1 of 604
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close