Grav CMS 1.7.44 Server-Side Template Injection

Ruby-SAML / GitLab Authentication Bypass

iTunes For Windows 12.13.2.3 Local Privilege Escalation

ABB Cylon Aspect 3.08.00 syslogSwitch.php Remote Code Execution

ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution

Jcow Social Networking versions 14.2 up to 16.2.1 suffer from a persistent cross site scripting vulnerability.

Change Mirror Download

    # Exploit Title: Jcow Social Networking 14.2 < 16.2.1 | Stored XSS # Date: 2024-05-23# Author: tmrswrr# Vendor Homepage: https://www.jcow.net/# Software Link: https://sourceforge.net/projects/jcow/# Tested : https://demo.jcow.net/# Version : 14.2 < 16.2.11) Login with any user Click invite place : https://127.0.0.1/Jcow/index.php?p=invite2) Write in To (Email address) field your payload : "><img src=x onerrora=confirm() onerror=confirm(1)>3) After Send invitations you will be see alert button

Headline

Jcow Social Network Cross Site Scripting

Packet Storm: Latest News