Explore Vulnerabilities

Explore all Exploits:

Jenkins 2.235.3 – ‘tooltip’ Stored Cross-Site Scripting

Jenkins 2.251 and earlier and LTS 2.235.3 and earlier do not escape the tooltip content of help icons. Tooltip values can be contributed by plugins, some of which use user-specified values. This results in a stored cross-site scripting (XSS) vulnerability. Jenkins 2.252 and LTS 2.235.4 escape the tooltip content of help icons.

WordPress Plugin Popup Builder 3.69.6 – Multiple Stored Cross Site Scripting

The Popup Builder – Responsive WordPress Pop up – Subscription & Newsletter Plugin is vulnerable to stored cross-site scripting through multiple parameters. All versions up to 3.69.6 are vulnerable. Cross-site scripting (XSS) is a common attack vector that injects malicious code into a vulnerable web application. XSS differs from other web attack vectors (e.g., SQL injection) in that it does not directly target the application itself. Instead, the users of the web application are the ones at risk. A successful cross-site scripting attack can have devastating consequences for an online business’s reputation and its relationship with its clients. Stored XSS, also known as persistent XSS, is the more damaging of the two XSS types (stored and reflected). It occurs when a malicious script is injected directly into a vulnerable web application.

Library Management System 2.0 – Auth Bypass SQL Injection

Open the Application and check the URL http://localhost/eb_magalona_lms. Open Admin Login and enter username: a' or 1=1-- and password: ' and click on login. The SQL payload gets executed and authorization is bypassed successfully.

Openfire 4.6.0 – ‘path’ Stored XSS

A stored cross-site scripting (XSS) vulnerability exists in Openfire 4.6.0. An attacker can send a specially crafted HTTP POST request to the vulnerable server with a malicious payload in the 'path' parameter. This can allow the attacker to execute arbitrary JavaScript code in the context of the vulnerable application.

OpenCart 3.0.3.6 – Cross Site Request Forgery

This product has functionality that lets a user add another user's wish-list to his/her cart. User A can add products to his/her wish-list and make the wish-list public, which lets other users see it. Attack Vector:
1. Create two accounts, A (attacker) and B (victim).
2. Log in as A, add a product to the cart and capture that particular request in Burp Suite.
3. Change the quantity if desired, then create a CSRF PoC of that request.
4. Save it as .html and send it to the victim. The product is now added to the victim's cart.

Barcodes generator 1.0 – ‘name’ Stored Cross Site Scripting

Barcodes generator 1.0 is vulnerable to Stored Cross Site Scripting. An attacker can inject malicious JavaScript code into the 'name' parameter of the 'index.php' page. The malicious code is then stored in the database and executed when the page is loaded.

Task Management System 1.0 – ‘id’ SQL Injection

Task Management System 1.0 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries to view the contents of the database. This can be done by capturing the request of the 'page=view_project&id=' page in Burp Suite and running SQLMap on the request file.

Task Management System 1.0 – Unrestricted File Upload to Remote Code Execution

Log in to the CMS with any valid user credentials. Click on the logged-in username in the header and select Manage Account. Upload a PHP payload (I used the default PHP webshell in /usr/share/webshells/php/php-reverse-shell.php) or a JPEG image embedded with a PHP payload. Then update the profile. Click on the username in the header again and select Manage Account. Right-click on the uploaded PHP payload or embedded image located under the 'choose avatar form', then copy the image location. Start an nc listener and paste the URL in the browser. This will trigger the remote code execution if you used a PHP shell.

Task Management System 1.0 – ‘First Name and Last Name’ Stored XSS

Task Management System 1.0 is vulnerable to stored XSS. An attacker can exploit this vulnerability by logging in to the CMS with any valid user credentials, clicking on the logged-in username in the header and selecting Manage Account, renaming the user's First Name or Last Name to a malicious script, updating the profile, then logging out and logging in again. This will trigger the XSS and the page will display the domain name.

Tibco ObfuscationEngine 5.11 – Fixed Key Password Decryption

Tibco's documentation states that there are three modes of operation for this ObfuscationEngine tooling: Using a custom key, using a machine key, and using a fixed key. Secrets obfuscated using the Tibco fixed key can be recognized by the fact that they start with the characters #!. Regardless of country, customer, network or version of Tibco, any secret that was obfuscated with Tibco's ObfuscationEngine can be decrypted using a Java tool. It does not require access to Tibco software or libraries. All you need are exfiltrated secret strings that start with the characters #!.

Recent Exploits: