#Exploit Title: October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)#Date: 29 June 2023#Exploit Author: Okan Kurtulus#Vendor Homepage: https://octobercms.com#Version: v3.4.4#Tested on: Ubuntu 22.04#CVE : N/A# Proof of Concept:1– Install the system through the website and log in with any user with file upload authority.2– Select "Media" in the top menu. Prepare an SVG file using
# Exploit Title: Student Study Center Management System v1.0 - Stored Cross-Site Scripting (XSS)# Date of found: 12/05/2023# Exploit Author: VIVEK CHOUDHARY @sudovivek# Version: V1.0# Tested on: Windows 10# Vendor Homepage: https://phpgurukul.com# Software Link: https://phpgurukul.com/student-study-center-management-system-using-php-and-mysql/# CVE: CVE-2023-33580# CVE URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33580Vulnerability Description -The Student Study Center Management System V1.0, developed by PHPGurukul, is susceptible to a
W3 Eden recently patched an Authenticated Stored Cross-Site Scripting vulnerability in Download Manager.On April 25, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a stored Cross-Site Scripting (XSS) vulnerability in W3 Eden’s Download Manager plugin, which is actively installed on more than 100,000 WordPress websites, making it one of