seeing is believing
Showing 126 - 150 of 15,085 RSS Feed

XSS Files

WordPress BestWebSoft XSS / CSRF
Posted Apr 13, 2017
Authored by DefenseCode, Neven Biruski

53+ WordPress plugins by BestWebSoft suffer from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 265031dbb6abada51eb891db78c25fcd
Red Hat Security Advisory 2017-0898-01
Posted Apr 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0898-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: A number of unused delete routes are present in CloudForms which can be accessed via GET requests instead of just POST requests. This could allow an attacker to bypass the protect_from_forgery XSRF protection causing the routes to be used. This attack would require additional cross-site scripting or similar attacks in order to execute.

tags | advisory, web, xss, ruby
systems | linux, redhat
advisories | CVE-2017-2653
MD5 | 45af748afc5d4df8b78db2ab572c2521
MyBB Cross Site Scripting
Posted Apr 11, 2017
Authored by Zhiyang Zeng

MyBB versions prior to 1.8.11 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 591df73b7ff44e890d53d2d7d2cbd00e
Ubuntu Security Notice USN-3257-1
Posted Apr 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3257-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367, CVE-2017-2376, CVE-2017-2377, CVE-2017-2386, CVE-2017-2392, CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405, CVE-2017-2415, CVE-2017-2419, CVE-2017-2433, CVE-2017-2442, CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2454, CVE-2017-2455, CVE-2017-2457, CVE-2017-2459, CVE-2017-2460, CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468
MD5 | cfcad6a0754304b4fab8d7a9aa55d3f6
WordPress Tribulant Slideshow Gallery 1.6.5 Cross Site Scripting
Posted Apr 10, 2017
Authored by DefenseCode, Neven Biruski

WordPress Tribulant Slideshow Gallery plugin versions 1.6.4 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5741ae5fa8e37ddb93b6ee5632cf37d8
WebKit Synchronous Page Load UXSS
Posted Apr 10, 2017
Authored by Google Security Research, lokihardt

WebKit suffers from a cross site scripting vulnerability via a synchronous page load.

tags | exploit, xss
advisories | CVE-2017-2480
MD5 | fdf9dcb26a4c3fe75f6a4e5f72ae0bdd
WebKit Focus Event UXSS
Posted Apr 10, 2017
Authored by Google Security Research, lokihardt

WebKit suffers from a cross site scripting vulnerability via a focus event and a link element.

tags | advisory, xss
advisories | CVE-2017-2479
MD5 | c8b52cd89456bb82333d2fb8bc906995
Apple WebKit disconnectSubframes UXSS
Posted Apr 9, 2017
Authored by Google Security Research, lokihardt

Apple WebKit suffered from a cross site scripting vulnerability via disconnectSubframes.

tags | exploit, xss
systems | apple
advisories | CVE-2017-2445
MD5 | 75a1f73f115f033e90d6b612154a99d0
Apple WebKit JSCallbackData UXSS
Posted Apr 9, 2017
Authored by Google Security Research, lokihardt

Apple WebKit suffered from a cross site scripting vulnerability with JSCallbackData.

tags | exploit, xss
systems | apple
advisories | CVE-2017-2442
MD5 | 83ae0d1b377d360be9909356995e7ec2
Apple Webkit Named Property UXSS
Posted Apr 9, 2017
Authored by Google Security Research, lokihardt

Apple Webkit suffered from a cross site scripting vulnerability when accessing a named property from an unloaded window.

tags | exploit, xss
systems | apple
advisories | CVE-2017-2367
MD5 | e7247888d10503970219f34be3edfb65
Apple WebKit Frame::setDocument UXSS
Posted Apr 9, 2017
Authored by Google Security Research, lokihardt

Apple WebKit suffered from a cross site scripting vulnerability in Frame::setDocument (1).

tags | exploit, xss
systems | apple
advisories | CVE-2017-2364
MD5 | 178dc774b0b87a7aaf1a46790648feaf
ASUS WRT Cross Site Scripting Nmap NSE Script
Posted Apr 7, 2017
Authored by Rewanth Cool

This NSE script for Nmap exploits a cross site scripting vulnerability in ASUS WRT.

tags | exploit, xss
advisories | CVE-2017-6547
MD5 | 1c028114f0e04e4cd98a6819d2570432
VMU-C CSRF / XSS / Access Control
Posted Apr 6, 2017
Authored by Karn Ganeshen

The VMU-C webserver suffers from cross site request forgery, cross site scripting, access control, weak credential management, and insecure storage vulnerabilities. VMU-C EM prior to firmware Version A11_U05 and VMU-C PV prior to firmware Version A17 are affected.

tags | advisory, vulnerability, xss, info disclosure, csrf
advisories | CVE-2017-5144, CVE-2017-5145, CVE-2017-5146
MD5 | 07e16456b846d15782e24a428bd71425
WordPress Firewall 2 1.3 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 6, 2017
Authored by Tom Adams

WordPress Firewall 2 version 1.3 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 9cba4da0c8d9e5bdf1580330f2044878
iPlatinum iOneView Cross Site Scripting
Posted Apr 6, 2017
Authored by Patrick Webster

iPlatinum iOneView suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3f9fed4ce85ee1fede4977bc23ef4a4a
LanternCMS Cross Site Scripting / SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

LanternCMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | c6dc19aaa740a4e40266054eac2de5a3
SmartJobBoard 5.0.9 Cross Site Scripting / Information Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

SmartJobBoard version 5.0.9 suffers from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
MD5 | 70a0ad7b8292144d4c2b0090c4b03c63
ManageEngine Applications Manager 12 / 13 XSS / SQL Injection / Code Execution
Posted Apr 4, 2017
Authored by Lukasz Juszczyk

ManageEngine Applications Manager versions 12 and 13 suffers from code execution, cross site scripting, XXE injection, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, code execution, xss, sql injection
advisories | CVE-2016-9488, CVE-2016-9489, CVE-2016-9490, CVE-2016-9491, CVE-2016-9498
MD5 | 3955f3dbd6d2315f052f3f25d5c3a78f
Inchoo Facebook Connect Cross Site Scripting
Posted Apr 4, 2017
Authored by Patrick Webster

Inchoo Facebook Connect plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5a0e026b50724d8c4897217a8c2acb1e
HP Security Bulletin HPESBGN03721 1
Posted Apr 4, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03721 1 - A potential vulnerability has been identified in HPE Operations Bridge Analytics. The vulnerability could be exploited to allow remote cross-site scripting (XSS). Revision 1 of this advisory.

tags | advisory, remote, xss
advisories | CVE-2017-5800
MD5 | 46f34a7e0a811692fcca849a298cc937
AcoraCMS 7.0.0.6 Browser Redirect / Cross Site Scripting
Posted Apr 4, 2017
Authored by Patrick Webster

AcoraCMS version 7.0.0.6 suffers from arbitrary browser redirect and cross site scripting vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss
MD5 | ebf9294c3ed3902b8146bd20c62ca6bf
Kaseya VSA 6.5.0.0 XSS / Brute Force
Posted Apr 4, 2017
Authored by Patrick Webster

Kaseya VSA version 6.5.0.0 suffers from cross site scripting and brute forcing vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 422ace8363b61c9858ef75bd8a974044
Chimein.mozilla.org Cross Site Scripting
Posted Apr 3, 2017
Authored by Yann CAM

Chimein.mozilla.org suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 7ba9f4a4d61281bba898e7e5feaf31b6
Pixie 1.0.4 Cross Site Scripting
Posted Mar 29, 2017
Authored by rungga_reksya, dickysofficial

Pixie version 1.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 24249a4654eec497afc46dec69ab9f59
NetComm NB16WV-02 Cross Site Scripting
Posted Mar 27, 2017
Authored by Luke Symons

NetComm NB16WV-02 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-5900
MD5 | 57e40e787ed8059944575ca57c5b8030
Page 6 of 604
Back45678Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close