Author : mustlive
Page 1 of 160 exploits
 |
Title | Author | Platform | Source | Description | Date |
|---|---|---|---|---|---|---|
|
WordPress Video JS Cross Site Scripting | MustLive | na | packetstormsecurity.org | Various WordPress plugins that embed video-js.swf suffer from cross site scripting vulnerabilities. These include Video Embed and Thumbnail Generator, External "Video for Everybody", 1player, S3 Video and EasySqueezePage. | Tuesday |
|
|
WordPress Search And Share 0.9.3 Cross Site Scripting | MustLive | na | packetstormsecurity.org | WordPress Search and Share plugin versions 0.9.3 and below suffer from cross site scripting and path disclosure vulnerabilities. | May 12 |
|
|
JW Player / JW Player Pro 5.x Cross Site Scripting | MustLive | na | packetstormsecurity.org | JW Player and JW Player Pro versions prior to 5.10.2393 suffer from a cross site scripting vulnerability. | May 6 |
|
|
VideoJS Cross Site Scripting | MustLive | na | packetstormsecurity.org | VideoJS suffers from a cross site scripting vulnerability. | May 6 |
|
|
jPlayer 2.2.22 XSS / Content Spoofing | MustLive | na | packetstormsecurity.org | jPlayer versions prior to 2.2.23 suffers from cross site scripting and content spoofing vulnerabilities. | April 21 |
|
|
WordPress Colormix XSS / Content Spoofing / Path Disclosure | MustLive | na | packetstormsecurity.org | WordPress Colormix theme suffers from cross site scripting, path disclosure, and content spoofing vulnerabilities. | April 21 |
|
|
Dotclear 2.4.4 Cross Site Scripting / Content Spoofing | MustLive | na | packetstormsecurity.org | CMS Dotclear version 2.4.4 suffers from cross site scripting and content spoofing vulnerabilities. | April 13 |
|
|
ZeroClipbord.swf Cross Site Scripting / Path Disclosure | MustLive | na | packetstormsecurity.org | ZeroClipboard.swf as included with multiple themes in WordPress suffers from cross site scripting and path disclosure vulnerabilities. | April 9 |
|
|
Lotus Domino 8.5.4 Cross Site Scripting | MustLive | na | packetstormsecurity.org | Lotus Domino versions 8.5.4 and below suffer from multiple cross site scripting vulnerabilities. | March 27 |
|
|
D-Link DAP 1150 Cross Site Request Forgery | MustLive | na | packetstormsecurity.org | This file contains multiple cross site request forgery proof of concepts for old issues associated with the D-Link DAP 1150. | March 9 |
|
|
Question2Answer Cross Site Request Forgery | MustLive | na | packetstormsecurity.org | This is a demonstration cross site request forgery exploit for Question2Answer that also takes advantage of an insufficient anti-automation issue. | March 8 |
|
|
Question2Answer 1.5.3 CSRF / Brute Force | MustLive | na | packetstormsecurity.org | Question2Answer version 1.5.2 suffers from cross site request forgery, anti-automation, and brute force vulnerabilities. | March 2 |
|
|
Various Applications Include ZeroClipboard XSS | MustLive | na | packetstormsecurity.org | YAML, MultiProject extension for Trac, UserCollections extension for Piwigo, TAO and TableTools plugin for DataTables plugin for jQuery are all affected by the cross site scripting issues discovered in ZeroClipboard as they include the swf. | February 20 |
|
|
ZeroClipboard 1.0.7 Cross Site Scripting | MustLive | na | packetstormsecurity.org | ZeroClipboard version 1.0.7 suffers from a cross site scripting vulnerability. | February 18 |
|
|
IBM Lotus Domino 8.5.3 XSS / CSRF / Redirection | MustLive | na | packetstormsecurity.org | IBM Lotus Domino version 8.5.3 suffers from cross site request forgery, cross site scripting, and redirection vulnerabilities. | February 15 |