25 matches found
CVE-2025-38304
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eirgetservicedata The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIRSERVICEDATA...
iceomatic.com Cross Site Scripting vulnerability OBB-3943366
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ascomtorino.it Cross Site Scripting vulnerability OBB-3943109
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
spg.co.kr Cross Site Scripting vulnerability OBB-3942963
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Tutor LMS Plugin <= 2.7.2 is vulnerable to Cross Site Scripting (XSS)
Software Tutor LMS Type Plugin Vulnerable versions = 2.7.2 Fixed in 2.7.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37947 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 54e1794329a4 Credits justakazh Required privilege editor and Tuto...
WordPress Booking Ultra Pro Plugin <= 1.1.13 is vulnerable to Cross Site Scripting (XSS)
Software Booking Ultra Pro Type Plugin Vulnerable versions = 1.1.13 Fixed in 1.1.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38676 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5502b7d4c80c Credits LVT-tholv2k Required privilege...
rigabooks.it Cross Site Scripting vulnerability OBB-3500861
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
curtainscurtainscurtains.co.uk Cross Site Scripting vulnerability OBB-3500538
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
skprostejov1913.cz Cross Site Scripting vulnerability OBB-3500437
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
motoworld.cz Cross Site Scripting vulnerability OBB-3500362
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
topvino.cz Cross Site Scripting vulnerability OBB-3499492
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
alldatasheet.es Cross Site Scripting vulnerability OBB-3498931
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
portvenebalti.ee Cross Site Scripting vulnerability OBB-3497890
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Buy Me a Coffee Plugin <= 3.7 is vulnerable to Broken Access Control
Software Buy Me a Coffee Type Plugin Vulnerable versions = 3.7 Fixed in 3.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2078 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 4f9e072d5272 Credits Lana Codes Required privilege...
WordPress WooCommerce GoCardless Gateway Plugin <= 2.5.6 is vulnerable to Insecure Direct Object References (IDOR)
Software WooCommerce GoCardless Gateway Type Plugin Vulnerable versions = 2.5.6 Fixed in 2.5.7 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-37871 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 5a7891bcb8a5 Credi...
WordPress Getnet Argentina para Woocommerce Plugin 0.0.1-0.0.4 is vulnerable to Broken Access Control
Software Getnet Argentina para Woocommerce Type Plugin Vulnerable versions 0.0.1-0.0.4 Fixed in 0.0.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-3525 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 026805019331 Credits Kijam...
mygraphiclab.com Cross Site Scripting vulnerability OBB-2753802
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
realestateindonmillstoronto.com Cross Site Scripting vulnerability OBB-1220796
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
bookmj.co.kr Cross Site Scripting vulnerability OBB-1220587
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
prosucesso.azores.gov.pt Cross Site Scripting vulnerability OBB-1220330
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...