what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 17,487 RSS Feed

XSS Files

Gas Agency Management 2022 SQL Injection / XSS / Shell Upload
Posted Aug 12, 2022
Authored by nu11secur1ty

Gas Agency Management 2022 suffers from cross site scripting, remote SQL injection, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
SHA-256 | fbd80e45f29f9c744b81fc81cb49905ea0ee4dbf9f49738b949c8e75caba6e49
Fiberhome AN5506-02-B Cross Site Scripting
Posted Aug 11, 2022
Authored by Leonardo Goncalves

Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6468873259d857e4b7cda7bf2ece5a2b2508ecd08b9330bef4207248417b9146
Intelbras ATA 200 Cross Site Scripting
Posted Aug 11, 2022
Authored by Leonardo Goncalves

Intelbras ATA 200 with firmware version 74.19.10.21 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e356bd5406aa48762a1618d1a835ba31ee602d213580bd449699352c7cdfb239
Ubuntu Security Notice USN-5561-1
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5561-1 - It was discovered that GNOME Web incorrectly filtered certain strings. A remote attacker could use this issue to perform cross-site scripting attacks. This issue only affected Ubuntu 20.04 LTS. It was discovered that GNOME Web incorrectly handled certain long page titles. A remote attacker could use this issue to cause GNOME Web to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2021-45085, CVE-2021-45086, CVE-2021-45087, CVE-2022-29536
SHA-256 | 9973ace527cbf32f5526f709c8f797db2c055203bb74e2e7b0d7f3b387c1dd77
Red Hat Security Advisory 2022-5069-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5069-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include code execution, cross site scripting, denial of service, information leakage, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2018-25032, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827
SHA-256 | c2604c1404ab92e0e038e4eeaeed4c184a896885e1b0fbbc3ef5ae6df328db80
Feehi CMS 2.1.1 Cross Site Scripting
Posted Aug 9, 2022
Authored by Shivam Singh

Feehi CMS version 2.1.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-34140
SHA-256 | d361efcdb1b82d5a2eb48510dede7b1357037345197851159d3a6375b4284b66
Thingsboard 3.3.1 Cross Site Scripting
Posted Aug 8, 2022
Authored by Steffen Langenfeld, Sebastian Biehler

Thingsboard version 3.3.1 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-42750, CVE-2021-42751
SHA-256 | ebc19fabae10baaf27a649ed72c78fdc00a6360b84c4b01f5754b78406a8b3c2
Ubuntu Security Notice USN-5552-1
Posted Aug 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5552-1 - It was discovered that phpLiteAdmin incorrectly handled certain GET requests. An attacker could possibly use this issue to perform cross-site scripting attacks.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2021-46709
SHA-256 | d11c28be54d29888fbcb81900ade5f92a7f9ce5670ae0c80a2bd652530514a01
Nortek Linear eMerge E3-Series Account Takeover
Posted Aug 8, 2022
Authored by Omar Hashim

Nortek Linear eMerge E3-Series version 0.32-07p suffers from a vulnerability where session fixation tied with cross site scripting can allow for account takeover.

tags | exploit, xss
advisories | CVE-2022-31798
SHA-256 | 6a30c71e741d3009dbaf81b18d14a4260f6043c44ce1ca7ff3fc8841c01a990e
WordPress Testimonial Slider And Showcase 2.2.6 Cross Site Scripting
Posted Aug 5, 2022
Authored by yunaranyancat, saitamang, amd_syad

WordPress Testimonial Slider and Showcase plugin version 2.2.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 25ecbf595ef86f9db782f57ba84d4478ef9c33a63a205a448ca3413ea4fe1f09
Wavlink WN533A8 Cross Site Scripting
Posted Aug 1, 2022
Authored by Ahmed Alroky

Wavlink WN533A8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-34048
SHA-256 | 48c5e34195262eb0f79803e13d423ea91d98f8a27b6999d304b3fe1661f90c4d
Crime Reporting System 1.0 Cross Site Scripting
Posted Jul 29, 2022
Authored by Eslam Reda

Crime Reporting System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 134f7cc89e016dd40ec6f94be6c14e9a72f24e41d92ceac88aa2cd6916a78c10
Transposh WordPress Translation 1.0.7 Cross Site Scripting
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.7 and below have an ajax action "tp_translation" which is available to authenticated or unauthenticated users (see CVE-2022-2461) that allows them to submit new translations. Translations submitted this way are shown on the Transposh administrative interface on the pages "tp_main" and "tp_editor". However, since the plugin does not properly validate and sanitize the submitted translation, arbitrary Javascript code can be permanently injected and executed directly within the backend across all users visiting the page with the roles of at least "Subscriber" and up to "Administrator".

tags | exploit, arbitrary, javascript, xss
advisories | CVE-2021-24911
SHA-256 | 484332c9e36ec88f8a190cc80119a1f22da60e0f49e9a327a7f7268bba597fb7
Transposh WordPress Translation 1.0.7 Cross Site Scripting
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.7 and below have an ajax action "tp_tp" that is vulnerable to an unauthenticated/authenticated reflected cross site scripting vulnerability when user-supplied input to the HTTP GET parameter "q" is processed by the web application. Since the application does not properly validate and sanitize this parameter, it is possible to place arbitrary script code onto the same page.

tags | exploit, web, arbitrary, xss
advisories | CVE-2021-24910
SHA-256 | 126f6f0908b2d0af3788074669b78c52b992a1d268ad9fca40e951bf16e63e90
WordPress WP-UserOnline 2.87.6 Cross Site Scripting
Posted Jul 29, 2022
Authored by Steffin Stanly

WordPress WP-UserOnline plugin versions 2.87.6 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f6801eabd968457a104d901ce64897fb4b492fbd508a10ad3532e3d5615da08a
Debian Security Advisory 5186-1
Posted Jul 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5186-1 - Two cross-site scripting vulnerabilities were discovered in the Django Rest Framework, a toolkit to build web APIs.

tags | advisory, web, vulnerability, xss
systems | linux, debian
advisories | CVE-2020-25626
SHA-256 | 47c3646bedc7cb7bc7091bfe2d1ba09ec9dbab15bb2c8d3b6bd18cab67cdbd05
Loan Management System 1.0 Cross Site Scripting
Posted Jul 28, 2022
Authored by saitamang

Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0e8f410ee7c0e0ebb79866fa6e7831932c94c07784f5823be2d5b028778e2249
Open-Xchange App Suite 7.10.x Cross Site Scripting / Command Injection
Posted Jul 22, 2022
Authored by Martin Heiland

Open-Xchange App Suite versions 7.10.6 and below suffer from OS command injection and cross site scripting vulnerabilities. One particular cross site scripting issue only affects versions 7.10.5 and below.

tags | advisory, vulnerability, xss
advisories | CVE-2021-42550, CVE-2022-23099, CVE-2022-23100, CVE-2022-23101, CVE-2022-24405, CVE-2022-24406
SHA-256 | 145c2f74cfe9370dfbec4b0f72f06c5a67138afef07940be7a7e97d9a4b1f072
DASDEC Cross Site Scripting / HTML Injection
Posted Jul 21, 2022
Authored by Ken Pyle

The Monroe Electronics / Digital Alert Systems OneNet SE DASDEC Emergency Alert System Appliance suffers from cross site scripting and html injection vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 82f6d98418853066b6a98235aa9b2f3a0913d729dcbf7cc7b1e70d395b6a8bad
Ubuntu Security Notice USN-5527-1
Posted Jul 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5527-1 - It was discovered that Checkmk incorrectly handled authentication. An attacker could possibly use this issue to cause a race condition leading to information disclosure. It was discovered that Checkmk incorrectly handled certain inputs. An attacker could use these cross-site scripting issues to inject arbitrary html or javascript code to obtain sensitive information including user information, session cookies and valid credentials.

tags | advisory, arbitrary, javascript, xss, info disclosure
systems | linux, ubuntu
advisories | CVE-2017-14955, CVE-2021-40906, CVE-2022-24565
SHA-256 | 45daf753e998edd792b4728e6f35f35c6493b1e6cc974ee1082da7f33c59b2dc
Ubuntu Security Notice USN-5522-1
Posted Jul 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5522-1 - Several security issues were discovered in WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2022-22677
SHA-256 | 0f0f438214ff796ec27381779ba61d110957c201c68b02d7b912474263bc9aa9
PrestaShop 1.7.6.7 Cross Site Scripting
Posted Jul 14, 2022
Authored by Priyanka Samak

PrestaShop version 1.7.6.7 suffers from a cross site scripting vulnerability via the file upload functionality.

tags | exploit, xss, file upload
advisories | CVE-2020-21967
SHA-256 | fd8caaa9cec4a7055dd238f60bb28982f0acab62605c410f5808fff8eccaa174
Red Hat Security Advisory 2022-5498-01
Posted Jul 6, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5498-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include HTTP request smuggling, buffer overflow, bypass, code execution, cross site scripting, denial of service, heap overflow, information leakage, privilege escalation, remote shell upload, remote SQL injection, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, overflow, shell, vulnerability, code execution, xss, sql injection
systems | linux, redhat
advisories | CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-30151, CVE-2021-3200, CVE-2021-32839, CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938, CVE-2021-3584, CVE-2021-41136, CVE-2021-4142, CVE-2021-42550
SHA-256 | c0789250da6e85f6ddbf1eff137427983e596902d3fa57015a6fd21b598eac60
EQS Integrity Line Cross Site Scripting / Information Disclosure
Posted Jul 6, 2022
Authored by Giovanni Pellerano | Site ush.it

EQS Integrity Line versions through 2022-07-01 suffer from cross site scripting and sensitive information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2022-34007
SHA-256 | 21a47b9fbd11e6b29f25b46678eefbe67cd2ecd6ec063d64543e0d2d12795718
Magnolia CMS 6.2.19 Cross Site Scripting
Posted Jul 6, 2022
Authored by Giulio Garzia

Magnolia CMS versions 6.2.19 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-33098
SHA-256 | 289cfd7e8ab83c714ebf68612f0144514c8350c9893a24195c411ff0823a4ab5
Page 5 of 700
Back34567Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    36 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close