Rumble Mail Server 0.51.3135 – ‘domain and path’ Stored XSS
>> AUTHOR: deepcore
Rumble Mail Server 0.51.3135 – ‘domain and path’ Stored XSS
LibreNMS 1.46 – MAC Accounting Graph Authenticated SQL Injection
Rukovoditel 2.6.1 – Cross-Site Request Forgery (Change password)
Macally WIFISD2-2A82 2.000.010 – Guest to Root Privilege Escalation
Rumble Mail Server 0.51.3135 – ‘username’ Stored XSS
Gitlab 11.4.7 – Remote Code Execution
WordPress DirectoriesPro plugin version 1.3.45 suffers from multiple cross site scripting vulnerabilities.
The OpenAsset Digital Asset Management web application allowed for spoofing of IP addresses by using X-Forwarded-For header. By default, the web application would allow all traffic in for 127.0.0.1, in…
Online Bus Booking System Project using PHP MySQL version 1.0 suffers from a persistent cross site scripting vulnerability.
The OpenAsset Digital Asset Management web application suffers from multiple reflected and persistent cross site scripting vulnerabilities. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).