exploit the possibilities
Showing 51 - 75 of 15,975 RSS Feed

XSS Files

CentOS Web Panel Domain Field Cross Site Scripting
Posted May 1, 2019
Authored by DKM

CentOS Web Panel versions 0.9.8.793 (Free), 0.9.8.753 (Pro), and 0.9.8.807 (Pro) suffer from a domain field (Add DNS Zone) cross site scripting vulnerability.

tags | exploit, web, xss
systems | linux, centos
advisories | CVE-2019-11429
MD5 | be5c79be3a331f5a1d0193ab501c129f
HumHub 1.3.12 Cross Site Scripting
Posted Apr 30, 2019
Authored by Kagan Eglence

HumHub version 1.3.12 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11564
MD5 | 19b801f4bf8c18f07ae79ebf59c9f930
Apache Archiva 2.2.3 Cross Site Scripting
Posted Apr 30, 2019
Authored by Martin S

Apache Archiva versions 2.0.0 through 2.2.3 suffer from a persistent cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2019-0213
MD5 | 3f0d62fcdd54327d9288e9d39bd1c28f
Veeam ONE Reporter 9.5.0.3201 Cross Site Scripting
Posted Apr 30, 2019
Authored by Seyed Sadegh Khatami

Veeam ONE Reporter version 9.5.0.3201 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 08c6a34277da2a031a1736ca3570b2a6
Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross Site Scripting
Posted Apr 26, 2019
Authored by Cisco Talos, Carl Hurd | Site talosintelligence.com

An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the victim's browser. An attacker can get a victim to click a link, or embedded URL, that redirects to the reflected cross-site scripting vulnerability to trigger this vulnerability.

tags | exploit, web, cgi, javascript, code execution, xss
advisories | CVE-2018-4065
MD5 | 9c802870395109f5bce702b93c61851d
Apache Pluto 3.0.0 / 3.0.1 Cross Site Scripting
Posted Apr 26, 2019
Authored by Mishra Dhiraj

Apache Pluto versions 3.0.0 and 3.0.1 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-0186
MD5 | 5b4d482e4f11f898eeb856751db97337
osTicket 1.11 Cross Site Scripting / Local File Inclusion
Posted Apr 25, 2019
Authored by Ozkan Mustafa Akkus

osTicket version 1.11 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | c6bdf1690086d5f3d63da393f7da49fb
JioFi 4G M2S 1.0.2 Cross Site Scripting
Posted Apr 25, 2019
Authored by Vikas Chaudhary

JioFi 4G M2S version 1.0.2 suffers from cross site scripting and html injection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-7438
MD5 | b1e27e73e94aac9f52d2d8890f21c42e
UliCMS 2019.2 / 2019.1 Cross Site Scripting
Posted Apr 23, 2019
Authored by Kagan Eglence

UliCMS versions 2019.2 and 2019.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-11398
MD5 | f13c01a732277faca5b7d15c6c7fb9ac
Debian Security Advisory 4434-1
Posted Apr 22, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4434-1 - A cross-site scripting vulnerability has been found in Drupal, a fully-featured content management framework.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2019-11358
MD5 | fad7ec5b9301e51a47961b29cb334625
WordPress Download Manager 2.9.93 Cross Site Scripting
Posted Apr 17, 2019
Authored by ThuraMoeMyint

WordPress Download Manager plugin version 2.9.93 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6e44af3b213e221b3464bac7bebfa674
2 Plan Team 1.0.4 Cross Site Scripting
Posted Apr 17, 2019
Authored by indoushka

2 Plan Team version 1.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3c0b8ec591a4e6cc09486fd5e2af39d7
Ubuntu Security Notice USN-3948-1
Posted Apr 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3948-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-11070, CVE-2019-8518, CVE-2019-8536, CVE-2019-8559
MD5 | afdf0e0cecca2a8868662e6759e344de
Zyxel ZyWall Cross Site Scripting
Posted Apr 16, 2019
Authored by Aaron Bishop

ZyWall 310, ZyWall 110, USG1900, ATP500, and USG40 devices suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9955
MD5 | 6a488936efef77d973078a35e0209519
Seo Panel Newsletter 1.2.0 Cross Site Scripting
Posted Apr 15, 2019
Authored by Deyaa Muhammad

Seo Panel Newsletter plugin version 1.2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5d39d7af66210de8dfcf530bc65fae09
WordPress Download Manager 2.9.92 Cross Site Scripting
Posted Apr 15, 2019
Authored by ThuraMoeMyint

WordPress Download Manager plugin version 2.9.92 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | bb8b5efd41990f8b6901e44dfe22b53d
Raptor WAF 0.6
Posted Apr 14, 2019
Authored by coolervoid

Raptor is a web application firewall written in C that uses DFA to block SQL injection, cross site scripting, and path traversals.

Changes: Fixed error handlers. Improved and fixed all socket connections.
tags | tool, web, firewall, xss, sql injection
systems | unix
MD5 | 8e5555cd8660e9301c79a579e3ef6dbc
DirectAdmin 1.561 Cross Site Scripting
Posted Apr 12, 2019
Authored by Numan OZDEMIR

DirectAdmin versions 1.561 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-11193
MD5 | 55fb7c5c8f2bb42df534a00528ddba62
Nagios XI 5.5.10 XSS / Remote Code Execution
Posted Apr 12, 2019
Authored by Abdel Adim Oisfi

Various vulnerabilities have been found in Nagios XI version 5.5.10, which allow a remote attacker able to trick an authenticated victim (with "autodiscovery job" creation privileges) to visit a malicious URL to obtain a remote root shell via a reflected cross site scripting, an authenticated remote code Execution and a local privilege escalation.

tags | exploit, remote, shell, local, root, vulnerability, code execution, xss
advisories | CVE-2019-9164, CVE-2019-9165, CVE-2019-9166, CVE-2019-9167, CVE-2019-9202, CVE-2019-9203, CVE-2019-9204
MD5 | a57f6817171de50e793d88c586dbe05c
D-Link DI-524 2.06RU Cross Site Scripting
Posted Apr 10, 2019
Authored by Semen Alexandrovich Lyhin

D-Link DI-524 version 2.06RU suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11017
MD5 | 4f32fb60b928f8bf7c467862c210cd05
EasyIO 30P Authentication Bypass / Cross Site Scripting
Posted Apr 9, 2019
Authored by Daniel Ricardo dos Santos

EasyIO 30P versions prior to 2.0.5.27 suffer from authentication bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, bypass
advisories | CVE-2018-15819, CVE-2018-15820
MD5 | 3003284b7edcf2a24469c156220e0180
Loytec LGATE-902 XSS / Traversal / File Deletion
Posted Apr 9, 2019
Authored by Daniel Ricardo dos Santos

Loytec LGATE-902 versions prior to 6.4.2 suffer from cross site scripting, arbitrary file deletion, and directory traversal vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss, file inclusion
advisories | CVE-2018-14916, CVE-2018-14918, CVE-2018-14919
MD5 | bf196a89942c4e399ed9ea256488aabb
CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) Cross Site Scripting
Posted Apr 8, 2019
Authored by DKM

CentOS Web Panel versions 0.9.8.793 (Free) and 0.9.8.753 (Pro) suffer from an email field persistent cross site scripting vulnerability.

tags | exploit, web, xss
systems | linux, centos
advisories | CVE-2019-10893
MD5 | f6f57efa6c03ff289d3e61cb9a33b3f3
ShoreTel Connect ONSITE Cross Site Scripting / Session Fixation
Posted Apr 7, 2019
Authored by Ramikan

ShoreTel Connect ONSITE versions prior to 19.49.1500.0 suffer from cross site scripting and session fixation vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-9591, CVE-2019-9592, CVE-2019-9593
MD5 | b932ff88a665f3b5cddd128f7f22e77d
Dell EMC IsilonSD Management Server 1.1.0 Cross Site Scripting
Posted Apr 5, 2019
Authored by Dell Product Security Incident Response Team | Site dellemc.com

Dell EMC IsilonSD Management Server version 1.1.1 contains fixes for two cross site scripting (XSS) security vulnerabilities, which could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, vulnerability, xss
advisories | CVE-2019-3708, CVE-2019-3709
MD5 | 926c23acead65bbcb12e6f8d6db13a6e
Page 3 of 639
Back12345Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    16 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close