16 matches found
simon-delestre.fr Improper Access Control vulnerability OBB-3831552
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
behr-evertz.de Cross Site Scripting vulnerability OBB-3830796
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress WP Register Profile With Shortcode Plugin <= 3.5.9 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Register Profile With Shortcode Type Plugin Vulnerable versions = 3.5.9 Fixed in 3.6.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5448 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 4d4b8ee6f41a Credits...
WordPress EventON Pro Plugin <= 4.5.4 is vulnerable to Broken Access Control
Software EventON Pro Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6158 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b43943b2a15f Credits Francesco Carlucci Required...
boffice.sut.ac.th Cross Site Scripting vulnerability OBB-3138346
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
sistemas.conalep.edu.mx Cross Site Scripting vulnerability OBB-3138178
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress WP-ShowHide Plugin < 1.05 is vulnerable to Cross Site Scripting (XSS)
Software WP-ShowHide Type Plugin Vulnerable versions 1.05 Fixed in 1.05 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4825 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 5336dccd451c Credits Lana Codes Required...
WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4709 Patch priority Medium CVSS severity Medium 4.3 Developer WProyal PSID 62fe02ed7ac4 Credits Ramuel Gall Required...
WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4700 Patch priority Medium CVSS severity Medium 5.4 Developer WProyal PSID 423004fa0a2f Credits Ramuel Gall Required...
WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4711 Patch priority Medium CVSS severity Medium 4.3 Developer WProyal PSID 242bc7b4f228 Credits Ramuel Gall Required...
WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Cross Site Request Forgery (CSRF)
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-4707 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID d1eebd7ac349 Credits Ramuel Gall Require...
citosfsin.ru XSS vulnerability
Open Bug Bounty ID: OBB-685359 Description| Value ---|--- Affected Website:| citosfsin.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden unt...
forsalebyowner.com XSS vulnerability
Open Bug Bounty ID: OBB-509546 Description| Value ---|--- Affected Website:| forsalebyowner.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
fnp.co.ae XSS vulnerability
Vulnerable URL: http://fnp.co.ae/search.php?pageid=1%27%22%3E%3Csvg/onload=confirm/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 10.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 19503667 VIP website status:| No...
do512.com XSS vulnerability
Vulnerable URL: http://do512.com/?=%22%3E%3Csvg/onload=confirm/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 10.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 51709 VIP website status:| No Coordinated Disclosure...
scotr.com XSS vulnerability
Vulnerable URL: http://www.scotr.com/se?q=%22%3E%3Csvg%2Fonload%3Dprompt%28%2FXSSPOSED%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at 03.04.2016 Latest check for patch:| 03.04.2016 10:23 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 286540 Goog...