Nikhil Mittal - Security Researcher - Exploit Intelligence Platform

CVE-2019-0678 NOMISEC MEDIUM WRITEUP

Microsoft Edge - Privilege Escalation

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

CVSS 6.8

View Code

CVE-2018-6550 WRITEUP MEDIUM WRITEUP

Monstra < 3.0.4 - Stored Cross-Site Scripting via Page Title in Admin Panel

Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php.

CVSS 5.4

View Code

CVE-2017-15730 EXPLOITDB HIGH text WORKING POC

phpmyfaq < 2.9.8 - Cross-Site Request Forgery in admin/stat.ratings.php

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.

CVSS 8.8

View Code

CVE-2017-15727 EXPLOITDB MEDIUM text WORKING POC

phpmyfaq < 2.9.8 - Stored Cross-Site Scripting via HTML Attachment

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.

CVSS 5.4

View Code