9 matches found
CVE-2010-3903
Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SSL VPN servers to cause a denial of service application crash via a 404 HTTP status code...
GHSA-7GFC-2V6G-6W9F Paste is vulnerable to Cross-site Scripting via vectors involving a 404 status code
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...
ZEIT: Unauthorized admission to any team in zeit.co
step no.1: open : https://zeit.co/teams/invite/ XXXX and this is a code "CzKyCgbB" of joining in a team called "maxhacker" if we generate a list consists of 8 capital and small letters with any generate tools F565462 knowing that the invitation code of any team is constant...
Information disclosure in the REST API
Jira reports the 404 not-found earlier than the 401 not-authorized. This discloses the non-existence of a specific issue numbers to unauthorized users. While this isn't a huge leak, this could come in useful with social engineering. Proof of concept: Both of the calls below are unauthenticated, a...
CVE-2010-2477
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...
PYSEC-2010-29
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...
CVE-2010-2477
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...
CVE-2010-2477
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...