18 matches found
nahverkehrsportal.de Cross Site Scripting vulnerability OBB-3890725
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Xpro Elementor Addons Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS)
Software Xpro Elementor Addons Type Plugin Vulnerable versions = 1.4.2 Fixed in 1.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2250 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7f86252c86a0 Credits Francesco Carlucci...
WordPress Shortcodes and extra features for Phlox theme Plugin <= 2.15.7 is vulnerable to Broken Access Control
Software Shortcodes and extra features for Phlox theme Type Plugin Vulnerable versions = 2.15.7 Fixed in 2.15.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31099 Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership PSID 6820fd10e35f...
WordPress Pods Plugin <= 3.0.10 is vulnerable to Broken Access Control
Software Pods Type Plugin Vulnerable versions = 3.0.10 Fixed in 3.0.10.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-6965 Patch priority Low CVSS severity Low 4.3 Developer Pods Framework PSID 636da473e23f Credits Nex Team Required privilege Contributo...
WordPress Woocommerce Social Media Share Buttons Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software Woocommerce Social Media Share Buttons Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31109 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2941fe56e84a Credits Dimas Maula...
WordPress pageMash > Page Management Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software pageMash Page Management Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31087 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 77d83c9f1a3c Credits Dimas Maulana Required...
WordPress Hacklog Down As PDF Plugin <= 2.3.6 is vulnerable to Cross Site Scripting (XSS)
Software Hacklog Down As PDF Type Plugin Vulnerable versions = 2.3.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31090 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 688ae2dee281 Credits Dimas Maulana Required privile...
wusstest-du.de Cross Site Scripting vulnerability OBB-3240244
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
paulus-schuler.de Cross Site Scripting vulnerability OBB-3240209
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bj-lattner.de Cross Site Scripting vulnerability OBB-3240140
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
michaelneuhaus.de Cross Site Scripting vulnerability OBB-3240082
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress HappyFiles Pro Plugin <= 1.8.1 is vulnerable to Broken Access Control
Software HappyFiles Pro Type Plugin Vulnerable versions = 1.8.1 Fixed in 1.8.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25445 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 518a5cea4b57 Credits Dave Jong Patchstack...
provincieantwerpen.be Cross Site Scripting vulnerability OBB-2454017
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mominbalance.com Cross Site Scripting vulnerability
Security Researcher g0bl1nsec Helped patch 3608 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting mominbalance.com website and its users. Following...
alawaielementary.org XSS vulnerability
Open Bug Bounty ID: OBB-715482 Description| Value ---|--- Affected Website:| alawaielementary.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
tedbaker.com XSS vulnerability
Open Bug Bounty ID: OBB-715315 Description| Value ---|--- Affected Website:| tedbaker.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden unt...
tenisnews.band.uol.com.br Open Redirect vulnerability
Vulnerable URL: http://tenisnews.band.uol.com.br/clickTracker/clickTracker.php?u=http://xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
DCS self MNS product SQL Injection Vulnerability
Exploit for php platform in category web applications Title : DCS self MNS product SQL Injection Vulnerability Author: eXeSoul Home : www.indishell.in or www.andhrahackers.com Email : email protected date : 29/3/2011 d0rk:- DCS è un prodotto MNS completamente autogestito e dato in utilizzo al...