WordPress WP-Invoice 4.3.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress WP-Invoice plugin version 4.3.1 suffers from a persistent cross site scripting vulnerability.
Archive for April, 2022
Gitlab 14.9 Authentication Bypass
Posted by deepcore under exploit (No Respond)
Gitlab versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.7 prior to 14.7.7 suffer from a bypass vulnerability due to having set a hardcoded password for accounts registered using an OmniAuth provider.
Gitlab 14.9 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Gitlab versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.7 prior to 14.7.7 suffer from a persistent cross site scripting vulnerability.
WordPress Coru LFMember 1.0.2 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Coru LFMember plugin version 1.0.2 suffers from a persistent cross site scripting vulnerability.
WordPress Coru LFMember 1.0.2 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Coru LFMember plugin version 1.0.2 suffers from a persistent cross site scripting vulnerability.
http://phutthaisonglocal.go.th/pentest.php
Posted by deepcore under defacement (No Respond)
http://phutthaisonglocal.go.th/pentest.php notified by AnonCoders
Tags: defacementWordPress ScrollReveal.js Effects 1.1.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress ScrollReveal.js Effects plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
Joomla Sexy Polling 2.1.7 SQL Injection
Posted by deepcore under exploit (No Respond)
Joomla Sexy Polling extension versions 2.1.7 and below suffer from a remote SQL injection vulnerability.
[webapps] GitLab 14.9 – Stored Cross-Site Scripting (XSS)
Posted by deepcore under Security (No Respond)