17 matches found
WordPress Chartify Plugin <= 2.9.5 is vulnerable to Remote Code Execution (RCE)
Software Chartify Type Plugin Vulnerable versions = 2.9.5 Fixed in 2.9.6 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-10571 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 97f7a98a5728 Credits abrahack Required privilege Unauthenticated...
WordPress WPvivid Backup and Migration Plugin <= 0.9.107 is vulnerable to PHP Object Injection
Software WPvivid Backup and Migration Type Plugin Vulnerable versions = 0.9.107 Fixed in 0.9.108 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-10962 Patch priority Low CVSS severity Low 9.8 Developer Claim ownership PSID b2861821d90b Credits Webbernaut Required...
CVE-2024-8927
In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, HTTPREDIRECTSTATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP...
shoraipower.com Cross Site Scripting vulnerability OBB-3780626
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
reef-aquarium-store.com Cross Site Scripting vulnerability OBB-3780562
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
pet-az.com Cross Site Scripting vulnerability OBB-3780481
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
nutritfort.md Cross Site Scripting vulnerability OBB-3780453
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
stadtkapelle-kemnath.de Improper Access Control vulnerability OBB-3780240
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
art-22.ru Cross Site Scripting vulnerability OBB-3053967
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
apsara-hotel.ru Cross Site Scripting vulnerability OBB-3053756
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bramwesthof.com Improper Access Control vulnerability OBB-2269768
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
blanc-immobilier.com XSS vulnerability
Open Bug Bounty ID: OBB-698297 Description| Value ---|--- Affected Website:| blanc-immobilier.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
mairie-cormeray.fr XSS vulnerability
Open Bug Bounty ID: OBB-621537 Description| Value ---|--- Affected Website:| mairie-cormeray.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidd...
mrjatt.me XSS vulnerability
Open Bug Bounty ID: OBB-416721 Description| Value ---|--- Affected Website:| mrjatt.me Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
tubemogul.com XSS vulnerability
Vulnerable URL: https://www.tubemogul.com/insights/?industry=politics" Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 12:43 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 50154 VIP website status:| No Check...
actueel.pwc.nl XSS vulnerability
Open Bug Bounty ID: OBB-154362 Description| Value ---|--- Affected Website:| actueel.pwc.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
europa.eu XSS vulnerability
Vulnerable URL: http://europa.eu/whoiswho/public/index.cfm?lang=%22%3E%3Csvg/onload=confirm%28%27XSSPOSED%27%29%3E Details: Description| Value ---|--- Patched:| Yes, at 16.12.2015 Latest check for patch:| 16.12.2015 09:43 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alex...