CVE-2015-5521: Black Cat CMS 1.1.2 Cross Site Scripting ≈ Packet Storm
Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the name in a new group to backend/groups/index.php.
# Affected software: black cat cms
# Type of vulnerability: stored xss
# URL: http://blackcat-cms.org/
# Discovered by: provensec
# Website: provensec.com
# Version: BlackCat CMS 1.1.2
# Proof of concept

Go to the add group page
http://demo.opensourcecms.com/blackcat/backend/groups/index.php
and add a new group with the name set to the xss payload "><img src=d onerror=confirm(1);>
and the javascript will execute.
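
The fix class for this issue, shown as an added example that is not BlackCat CMS code or part of the advisory: the stored group name is encoded for the HTML context when it is rendered, with an allowlist check on input as a second layer. The function names, the `group_name` field, the attribute context (inferred from the payload's leading `">`) and the allowlist policy are all assumptions.

```php
<?php
// Added example: hypothetical helpers, not taken from the BlackCat CMS code base.

// Group name as quoted in the advisory, treated here as a value already stored.
$storedName = '"><img src=d onerror=confirm(1);>';

// Vulnerable pattern: the stored name is concatenated into an attribute value
// unescaped, so a leading "> closes the attribute and the tag around it.
function render_group_field_unsafe(string $name): string
{
    return '<input type="text" name="group_name" value="' . $name . '">';
}

// Hardened pattern: encode at output time for the HTML attribute context.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid UTF-8
// sequences instead of returning an empty string.
function render_group_field_safe(string $name): string
{
    $encoded = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<input type="text" name="group_name" value="' . $encoded . '">';
}

// Second layer on input: accept only letters, digits, space, underscore,
// dot and hyphen, 1 to 64 characters (assumed policy for group names).
function is_valid_group_name(string $name): bool
{
    return preg_match('/\A[\p{L}\p{N} _.-]{1,64}\z/u', $name) === 1;
}

// Compare the two renderings of the same stored value.
echo render_group_field_unsafe($storedName), PHP_EOL;
echo render_group_field_safe($storedName), PHP_EOL;

// The allowlist rejects the advisory's value and accepts an ordinary name.
var_dump(is_valid_group_name($storedName));
var_dump(is_valid_group_name('Editors'));
```

Output encoding is the primary control because it also covers names that were stored before any input validation existed.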