steirerhof.net Cross Site Scripting vulnerability OBB-3927702
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
idealcostabrava.net Cross Site Scripting vulnerability OBB-3927699
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
ink-noe.net Cross Site Scripting vulnerability OBB-3927698
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
futurerp.net Cross Site Scripting vulnerability OBB-3927697
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
scriptavolant.net Cross Site Scripting vulnerability OBB-3927696
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
enternomansland.nl Cross Site Scripting vulnerability OBB-3927695
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
tsan.net Cross Site Scripting vulnerability OBB-3927694
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, gitlab-runner, spire-server, supercronic, gitlab-pages, cilium-cli, external-secrets-operator, cosign, flannel, k8sgpt, gitlab-shell,...
7.5 AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.7 AI Score
0.0004 EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, gitlab-runner, spire-server, supercronic, gitlab-pages, cilium-cli, external-secrets-operator, cosign, flannel, k8sgpt, gitlab-shell,...
6.3 AI Score
0.0004 EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: hcloud, cni-plugins, supercronic, external-secrets-operator, cluster-api-controller, ingress-nginx-controller, runc, nri-cassandra, kaniko, opentofu, tempo, nri-redis, envoy-ratelimit, cluster-proportional-autoscaler, php-fpm_exporter, flyte, sbomqs, nri-nginx,...
6.5 AI Score
0.0004 EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.5 AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.7 AI Score
0.0004 EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: prometheus-mysqld-exporter, nerdctl, terraform-docs, nri-kafka, gitlab-runner, spire-server, gitlab-pages, cilium-cli, external-secrets-operator, cosign, kube-fluentd-operator, kubeflow-katib, gitlab-shell, fq, prometheus-statsd-exporter, telegraf, kubescape,...
5.9 CVSS
7 AI Score
0.962 EPSS
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.5 AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.5 AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.5 AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: hcloud, cni-plugins, supercronic, external-secrets-operator, cluster-api-controller, ingress-nginx-controller, runc, nri-cassandra, kaniko, opentofu, tempo, nri-redis, envoy-ratelimit, cluster-proportional-autoscaler, php-fpm_exporter, flyte, sbomqs, nri-nginx,...
7.5 AI Score
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: skaffold, crossplane, slsa-verifier, pulumi-language-java, argo-cd, pulumi-language-dotnet, pulumi, spire-server, tkn, wolfictl, rclone, flux, terragrunt, cosign, apko, falco, aactl, flux-notification-controller, boring-registry, sops, kubescape,...
7.5 AI Score
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: prometheus-mysqld-exporter, nerdctl, terraform-docs, nri-kafka, gitlab-runner, spire-server, gitlab-pages, cilium-cli, external-secrets-operator, cosign, kube-fluentd-operator, kubeflow-katib, gitlab-shell, fq, prometheus-statsd-exporter, telegraf, kubescape,...
7.5 AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.5 AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.7 AI Score
0.0004 EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.7 AI Score
0.0004 EPSS
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: gh, prometheus-mysqld-exporter, nerdctl, grpcurl, nri-prometheus, rabbitmq-cluster-operator, kuberay-operator, terraform-docs, nri-kafka, cni-plugins, gitlab-runner, supercronic, k8sgpt, kubeflow-katib, gitlab-shell, prometheus-pushgateway, fq,...
7.7 AI Score
0.0004 EPSS
gensokyoradio.net Cross Site Scripting vulnerability OBB-3927692
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
Exploit for Vulnerability in Microsoft
Managing the deployment of association changes for...
bhadradritemple.telangana.gov.in Cross Site Scripting vulnerability OBB-3927690
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
Directus Lacks Session Tokens Invalidation
Summary: Currently session tokens function like the other JWT tokens where they are not actually invalidated when logging out. The directus_session gets destroyed and the cookie gets deleted but if you captured the cookie value it will still work for the entire expiry time which is set to 1 day by.....
Nautobot's BANNER_* configuration can be used to inject arbitrary HTML content into Nautobot pages
Impact: A Nautobot user with admin privileges can modify the BANNER_TOP, BANNER_BOTTOM, and BANNER_LOGIN configuration settings via the /admin/constance/config/ endpoint. Normally these settings are used to provide custom banner text at the top and bottom of all Nautobot web pages (or specifically.....
NocoDB Vulnerable to Stored Cross-Site Scripting in Formula.vue
Summary: A stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. Details: The nc-gui/components/virtual-cell/Formula.vue displays a v-html tag with the value of "urls" whose contents are processed by the function replaceUrlsWithLink(). This function....
Directus allows redacted data extraction on the API through "alias"
Summary: A user with permission to view any collection using redacted hashed fields can get access to the raw stored version using the alias functionality on the API. Normally, these redacted fields will return ********** however if we change the request to ?alias[workaround]=redacted we can instead...
Future of eCommerce: Emerging Technologies Shaping Online Retail in 2024
By Uzair Amir. Top-notch stores are moving online as eCommerce continues to lead with breakthrough innovations that are transforming global business… This is a post from HackRead.com. Read the original post: Future of eCommerce: Emerging Technologies Shaping Online Retail in...
Ongoing Malvertising Campaign leads to Ransomware
Executive Summary: Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typosquatted domains. In at least one observed case, the infection has led to the attempted...
revenueknowmads.com Cross Site Scripting vulnerability OBB-3927686
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
ssl1.secureserv.jp Cross Site Scripting vulnerability OBB-3927685
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
conscamweb.com.br Cross Site Scripting vulnerability OBB-3927683
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
crayonrocks.com Cross Site Scripting vulnerability OBB-3927684
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
innovetica.com Cross Site Scripting vulnerability OBB-3927681
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
res.com.mo Cross Site Scripting vulnerability OBB-3927679
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
mnseniorsonline.com Cross Site Scripting vulnerability OBB-3927678
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
bodegaramanya.com Cross Site Scripting vulnerability OBB-3927680
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
toggy.com Cross Site Scripting vulnerability OBB-3927677
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
wbaasiaboxing.com Cross Site Scripting vulnerability OBB-3927674
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
observatorioplastico.com Cross Site Scripting vulnerability OBB-3927676
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
mychinadress.com Cross Site Scripting vulnerability OBB-3927673
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
jonniejonsson.com Cross Site Scripting vulnerability OBB-3927672
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
edustoke.com Cross Site Scripting vulnerability OBB-3927671
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
naperville-il.com Cross Site Scripting vulnerability OBB-3927668
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
bohemiansgallery.com Cross Site Scripting vulnerability OBB-3927669
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
natsume-books.com Cross Site Scripting vulnerability OBB-3927670
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score