what you don't know can hurt you
Showing 76 - 100 of 16,521 RSS Feed

XSS Files

Mida Solutions eFramework 2.9.0 XSS / Code Execution / SQL Injection
Posted Jul 21, 2020
Authored by Andrea Baesso

Mida Solutions eFramework versions 2.9.0 and below suffer from command execution, cross site scripting, denial of service, remote SQL injection, and path traversal vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, xss, sql injection, file inclusion
MD5 | cf1e3e8d713adde398b34963e73c3e6c
Red Hat Security Advisory 2020-3003-01
Posted Jul 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3003-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2020-10753, CVE-2020-1760
MD5 | fc492b96cd3af3b2842f919f6ccc0fea
WonderCMS 3.1.0 XSS / Directory Traversal / File Upload
Posted Jul 17, 2020
Authored by Calvin Phang | Site sec-consult.com

WonderCMS versions 3.1.0 and below suffer from directory traversal, persistent cross site scripting, and file upload vulnerabilities.

tags | advisory, vulnerability, xss, file upload
MD5 | c87a3407d183c31bf41f5245e885cf76
Apple Security Advisory 2020-07-15-5
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-5 - Safari 13.1.2 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9903, CVE-2020-9910, CVE-2020-9911, CVE-2020-9912, CVE-2020-9915, CVE-2020-9916, CVE-2020-9925
MD5 | fae2dd75505f460f265a5bb0c506f1b7
PMB 5.6 Cross Site Scripting
Posted Jul 17, 2020
Authored by 41-trk

PMB versions 5.6 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0ff6c93ac41e938ef27f2d12bb3fb29a
Apple Security Advisory 2020-07-15-4
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-4 - watchOS 6.2.8 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-9862, CVE-2020-9865, CVE-2020-9885, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9909, CVE-2020-9910, CVE-2020-9915, CVE-2020-9916, CVE-2020-9918, CVE-2020-9923, CVE-2020-9925, CVE-2020-9933, CVE-2020-9936
MD5 | 3d5d573fe7b211101f6cd780461624f6
Apple Security Advisory 2020-07-15-3
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-3 - tvOS 13.4.8 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2019-14899, CVE-2020-9862, CVE-2020-9865, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9907, CVE-2020-9909, CVE-2020-9910, CVE-2020-9914, CVE-2020-9915, CVE-2020-9916, CVE-2020-9918, CVE-2020-9925, CVE-2020-9933, CVE-2020-9936
MD5 | 3f70ec352ebe5c029a760fd3924867c3
Apple Security Advisory 2020-07-15-1
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-1 - iOS 13.6 and iPadOS 13.6 are now available and address buffer overflow, bypass, code execution, cross site scripting, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple, ios
advisories | CVE-2019-14899, CVE-2019-19906, CVE-2020-9862, CVE-2020-9865, CVE-2020-9878, CVE-2020-9885, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9903, CVE-2020-9907, CVE-2020-9909, CVE-2020-9910, CVE-2020-9911, CVE-2020-9914, CVE-2020-9915, CVE-2020-9916, CVE-2020-9917, CVE-2020-9918, CVE-2020-9923, CVE-2020-9925, CVE-2020-9931, CVE-2020-9933, CVE-2020-9934
MD5 | 930c08146b91758658c332bba05db932
Online Farm Management System 0.1.0 Cross Site Scripting
Posted Jul 16, 2020
Authored by KeopssGroup0day Inc

Online Farm Management System version 0.1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | a8502a837509421fc2b0d57d0b22b284
Ubuntu Security Notice USN-4422-1
Posted Jul 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4422-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2020-13753, CVE-2020-9806
MD5 | 1b8543f2c71af096df5e32c7f265fadc
Verint Impact 360 15.1 Script Insertion / HTML Injection
Posted Jul 14, 2020
Authored by Ryan Delaney

Verint Impact 360 version 15.1 has an issue where the helpURL parameter in wfo/help/help_popup.jsp can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this product is installed, given the attacker can convince a victim to visit a crafted link.

tags | exploit, arbitrary, xss
advisories | CVE-2019-12773
MD5 | 4dd04c37bb2f1afa689fdbef4d3f3853
Red Hat Security Advisory 2020-2412-01
Posted Jul 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2412-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-11254, CVE-2019-11358, CVE-2020-10749, CVE-2020-11022, CVE-2020-11023, CVE-2020-8558, CVE-2020-9283
MD5 | fb50c62e152a3bb91c8924226093206d
Pandora FMS 7.0 NG 746 Script Insertion / Code Execution
Posted Jul 11, 2020
Authored by AppleBois

Pandora FMS 7.0 NG versions 746 and below remote code execution exploit that leverages cross site scripting. Requires administrator to perform an snmp scan with a cross site scripting payload.

tags | exploit, remote, code execution, xss
MD5 | 245bf731b05ac276a48b0f51f260ba04
Impress CMS 1.4.0 Cross Site Scripting
Posted Jul 11, 2020
Authored by AppleBois

Impress CMS version 1.4.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 029b019e3aee7ed3d4048cb1c2d4d9a0
Webtareas 2.1 / 2.1p Cross Site Scripting
Posted Jul 11, 2020
Authored by AppleBois

Webtareas versions 2.1 and 2.1p suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 7b3695728c5fb49d9a1558d6999d69b0
WordPress Power's WHOIS Domain Check 0.9.31 Cross Site Scripting
Posted Jul 9, 2020
Authored by mqt

WordPress Power's WHOIS Domain Check plugin version 0.9.31 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 531ffdeebaae913d9bed73e0ac6d32fc
Savsoft Quiz 5 Cross Site Scripting
Posted Jul 9, 2020
Authored by th3d1gger

Savsoft Quiz version 5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 95176c76c0355bece50fe077b3d503d1
Red Hat Security Advisory 2020-2861-01
Posted Jul 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2861-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include cross site scripting, denial of service, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11253, CVE-2020-12052, CVE-2020-12245, CVE-2020-13379, CVE-2020-13430, CVE-2020-7660, CVE-2020-7662
MD5 | 859b001fe65073c510ebeca168065f10
File Management System 1.1 Cross Site Scripting
Posted Jul 3, 2020
Authored by KeopssGroup0day Inc

File Management System version 1.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 57c219d025fd9b68e5d82101af2884fb
Froala WYSIWYG HTML Editor 3.1.1 Cross Site Scripting
Posted Jul 3, 2020
Authored by Emanuel Duss

Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-19935
MD5 | fb51f3219cdae4ef390670001545f686
Bolt CMS 3.7.0 XSS / CSRF / Shell Upload
Posted Jul 3, 2020
Authored by Sivanesh Ashok

Bolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that when combined can achieve remote code execution in one click.

tags | exploit, remote, shell, vulnerability, code execution, xss, csrf
advisories | CVE-2020-4040, CVE-2020-4041
MD5 | e1905dcd1353235ff99a9faf7ed545ef
EQDKP Plus CMS 2.3.29 Cross Site Scripting
Posted Jul 2, 2020
Authored by Farhan Rahman, Nik Ramadhan Nik Idris | Site sec-consult.com

EQDKP Plus CMS versions 2.3.29 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6e0586e92216026b2681d3aa315d4314
Red Hat Security Advisory 2020-2813-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2813-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.1 serves as a replacement for Red Hat Single Sign-On 7.4.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-10719, CVE-2020-10748, CVE-2020-11022, CVE-2020-11023, CVE-2020-1694, CVE-2020-1714, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548
MD5 | fc87487bd16e3e344871d5b5c6ab11d5
Red Hat Security Advisory 2020-2796-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2796-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include cross site scripting, denial of service, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11253, CVE-2019-16769, CVE-2020-12052, CVE-2020-12245, CVE-2020-13379, CVE-2020-13430, CVE-2020-7660, CVE-2020-7662
MD5 | 6aa2c306664a21495013deb64b301e7b
Victor CMS 1.0 Cross Site Scripting
Posted Jun 30, 2020
Authored by Anushree Priyadarshini

Victor CMS version 1.0 suffers from a user_firstname persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2a152bf1fb1e31cb58c670ebc653cb10
Page 4 of 661
Back23456Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    7 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close