xss Archives — Page 3 of 3

WordPress Plugin All In One Favicon Cross Site Scripting

July 19, 2018 Admin

# Exploit Title: WordPress Plugin All In One Favicon <= 4.6 – Authenticated Multiple XSS Persistent # Date: 2018-07-10 # Exploit Author: Javier Olmedo # Website: https://hackpuntes.com/ # Vendor Homepage: http://www.techotronic.de/ # Software Link: https://wordpress.org/plugins/all-in-one-favicon/ […]

MyBB New Threads Plugin – Cross-Site Scripting

July 19, 2018 Admin

# Exploit Title: MyBB New Threads Plugin – Cross-Site Scripting # Date: 7/16/2018 # Author: 0xB9 # Twitter: @0xB9Sec # Contact: 0xB9[at]pm.me # Software Link: https://community.mybb.com/mods.php?action=view&pid=1143 # Version: 1.1 # Tested on: Ubuntu 18.04 # […]

WordPress Plugin Job Manager v4.1.0 Stored Cross Site

July 18, 2018July 18, 2018 Admin

# Exploit Title: WordPress Plugin Job Manager v4.1.0 Stored Cross Site Scripting # Google Dork: N/A # Date: 2018-07-15 # Exploit Author: Berk Dusunur & Selimcan Ozdemir # Vendor Homepage: https://wpjobmanager.com # Software Link: https://downloads.wordpress.org/plugin/wp-job-manager.latest-stable.zip […]

Instagram Clone Script 2.0 Cross-Site Scripting

July 12, 2018 Admin

# Exploit Title: Instagram-clone Script 2.0 – Cross-Site Scripting # Date: 2018-07-10 # Exploit Author: L0RD # Vendor Homepage: https://github.com/yTakkar/Instagram-clone # Version: 2.0 # CVE: CVE-2018-13849 # Tested on: Kali linux # POC : Persistent […]

Canon PrintMe EFI – Cross-Site Scripting

June 12, 2018 Admin

# Title: Canon PrintMe EFI – Cross-Site Scripting # Date: 9.6.2018-06-09 # Exploit Author: Huy Kha # Vendor Homepage: [https://www.efi.com/] # Version: Canon PrintMe EFI # Tested on: Mozilla FireFox # CVE: CVE-2018-12111 # XSS […]

MyBB ChangUonDyU Plugin 1.0.2 – Cross-Site Scripting

May 29, 2018 Admin

# Exploit Title: MyBB ChangUonDyU Advanced Statistics Plugin v1.0.2 – Cross-Site Scripting # Date: 5/25/2018 # Author: 0xB9 # Twitter: @0xB9Sec # Contact: 0xB9[at]pm.me # Software Link: https://community.mybb.com/mods.php?action=view&pid=1125 # Version: 1.0.2 # Tested on: Ubuntu […]

Honeywell XL Web Controller – Cross-Site Scripting

May 24, 2018 Admin

# Exploit Title: Honeywell XL Web Controller – Cross-Site Scripting # Date: 2018-05-24 # Exploit Author: t4rkd3vilz # Vendor Homepage: https://www.honeywell.com # Version: WebVersion : XL1000C50 EXCEL WEB 52 I/O, XL1000C100 EXCEL WEB # 104 […]

Easy File Uploader 1.7 – SQL Injection / Cross-Site Scripting

May 22, 2018 Admin

# Exploit Title: Easy File Uploader 1.7 – SQL Injection / Cross-Site Scripting # Dork: N/A # Date: 22.05.2018 # Exploit Author: Özkan Mustafa Akkuş (AkkuS) # Vendor Homepage: https://codecanyon.net/item/easy-file-uploader-php-multiple-uploader-with-file-manager/17222287 # Version: 1.4 / fourth […]

RSA Authentication Manager 8.2.1.4.0-build1394922 / < 8.3 P1 - XML External Entity Injection / Cross-Site Flashing / DOM Cross-Site Scriptin

May 17, 2018 Admin

SEC Consult Vulnerability Lab Security Advisory < 20180516-0 > ======================================================================= title: XXE & XSS vulnerabilities product: RSA Authentication Manager vulnerable version: 8.2.1.4.0-build1394922, < 8.3 P1 fixed version: 8.3 P1 and later CVE number: CVE-2018-1247 impact: […]

Multiplayer BlackJack Online Casino Game 2.5 – Persistent Cross-Site Scripting

May 17, 2018 Admin

# Exploit Title: Multiplayer BlackJack – Online Casino Game 2.5 – Persistent Cross-Site scripting # Date: 2018-05-16 # Exploit Author: L0RD # Vendor Homepage: https://codecanyon.net/item/multiplayer-blackjack-online-casino-game/15411706?s_rank=1628 # CVE: N/A # Version: 2.5 # Description : Multiplayer […]