Powerful Chromium Browser to find XSS Vulnerabilities automatically while browsing web, it can detect many case scenarios with support for POST requests too Installation Usage Just browse the web like a normal web browser then […]
The MyBB Forum plugin Timeline version 1.0 is vulnerable to XSS(Cross site Scripting) and CSRF(Cross Site Request Forgery) attacks.
Oracle Business Intelligence Enterprise Edition version 22.214.171.124.140715 is vulnerable to a stored cross site scripting exploit.
An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters. Requirements: Go Language, Python 2.7 or Python 3. System requirements: Recommended to run on vps […]
Currently WordPress Core Version 5.2.2 suffers from cross site scripting vulnerability located within “post previews”. Flaw is fixed by upgrading to WordPress version
Installation Dependencies: LinkFinder Usage To run the tool on a target, just use the following command. This will run the tool against domain.tld. URLs can also be piped to findom-xss and scan on them. For […]
The CGI and FastCGI implementations in the Go standard library behave differently from the HTTP server implementation when serving content. In contrast to the documented behavior, they may return non-HTML data as HTML. This may […]