Z-Blog <=1.5.2 - Open Redirect

Z-Blog 1.5.2 and earlier contains an open redirect vulnerability via the redirect parameter in zbsystem/cmd.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-18268 info: name: Z-Blo...

CVE-2020-18268

Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zbsystem/cmd.php."...

CVE-2020-18268

CVE-2020-18268 : Z-BlogPHP

dev2-aspar.hybridsaas.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1100571 Security Researcher gdattacker Helped patch 162 vulnerabilities Received 3 Coordinated Disclosure badges Received 18 recommendations , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting dev2-aspar.hybridsaas.co...

CVE-2017-18268

Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat ROBOT attack. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish large numbers of crafted SSL connections to the target and obtain the session keys required...

CVE-2017-18268

Symantec IntelligenceCenter 3.3 is vulnerable to the ROBOT (Bleichenbacher) padding oracle attack. A remote attacker intercepting a pre-recorded SSL session and crafting many SSL connections can recover session keys to decrypt the pre-recorded data. The issue affects IntellegenceCenter 3.3’s SSL/...