Lucene search
+L

126 matches found

Akamai Blog
Akamai Blog
added 2020/10/23 2:0 p.m.42 views

Is Black Friday a Thing of the Past? Not for Mobile

I recently ordered a new Weber grill from The Home Depot. When it was delivered, I discovered it was the floor model, and it wasn't the perfect grill I had anticipated. I called the local store, and -- long story short -- my friends at The Home Depot gave me a significant discount for not letting...

7AI score
Exploits0
CNVD
CNVD
added 2020/09/10 12:0 a.m.3 views

Ecommerce CodeIgniter Bootstrap cross-site scripting vulnerability (CNVD-2020-51507)

Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript.CodeIgniter is an open source web framework written using the PHP language . Ecommerce CodeIgniter Bootstrap A XSS vulnerability exists in previous versions of...

6.1CVSS6.6AI score0.00679EPSS
Exploits0References1
NVD
NVD
added 2020/09/03 2:15 a.m.12 views

CVE-2020-25089

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/discounts.php...

6.1CVSS6AI score0.00679EPSS
Exploits0References1
OSV
OSV
added 2020/09/03 2:15 a.m.16 views

CVE-2020-25089

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/discounts.php...

6.1CVSS6AI score
Exploits0References1
Hacker One
Hacker One
added 2020/07/05 4:2 p.m.23 views

Shopify: Script Editor preview token still working with uninstalled application, even for unpublished script

Within the Script Editor application, it is possible to preview a script on the storefront and proceed to purchase. Once the user click on the preview link, it opens https://shop.myshopify.com/admin/scripts/preview?scriptid=scriptid which then generate a preview token to be used by the storefront...

6.9AI score
Exploits0
Veracode
Veracode
added 2020/06/29 5:14 a.m.17 views

Authorization Bypass

magento/community-edition is vulnerable to authorization bypass. The application allows an attacker to create unauthorized product discounts upon successful exploitation of the vulnerability...

7.5CVSS4.2AI score0.05009EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2020/06/28 9:6 a.m.4 views

ethernetdiscounts.com Cross Site Scripting vulnerability OBB-1209373

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
NVD
NVD
added 2020/06/26 9:15 p.m.27 views

CVE-2020-9587

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5CVSS0.05009EPSS
Exploits0References1
OSV
OSV
added 2020/06/26 9:15 p.m.19 views

CVE-2020-9587

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5CVSS6.7AI score
Exploits0References1
CVE
CVE
added 2020/06/26 8:19 p.m.79 views

CVE-2020-9587

CVE-2020-9587 corresponds to an authorization bypass vulnerability in Adobe Magento. According to the connected records, affected Magento versions are 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier. Successful exploitation could lead to unauthorize...

7.5CVSS7.3AI score0.05009EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/06/26 8:19 p.m.30 views

CVE-2020-9587

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5AI score0.05009EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/05/04 12:0 a.m.103 views

Magento Multiple Vulnerabilities (APSB20-22)

Magento is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.8AI score0.0572EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/04/28 12:0 a.m.4 views

PT-2020-6278 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.3.4 and earlier Magento versions 2.2.11 and earlier Magento versions 1.14.4.4 and earlier Magento versions 1.9.4.4 and earlier Description: The issue is related to an authorization bypass, which could allow a remote attacke...

7.8CVSS7.2AI score0.05009EPSS
Exploits0References8
Microsoft KB
Microsoft KB
added 2020/04/09 12:0 a.m.7 views

Windows 8.1 Store and Windows Update client improvements: May 13, 2014

Windows 8.1 Store and Windows Update client improvements: May 13, 2014 This article describes some improvements for Windows Store and Windows Update in Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2. Check out the new features of this update and how to obtain this update. This update has...

6AI score
Exploits0
Hacker One
Hacker One
added 2019/06/25 3:35 p.m.54 views

Shopify: any staff members have the ability to comment in [discounts] he/she can disable comment section it to other staff even the admin of the store

Hi, I found this cool behavior by mistake when I was testing for some GraphQL, any user have ability to comment in discounts code at discounts section can turn off comments to the other staff members include the admin/manager of the store. this happens because when the GraphQL used to create a...

0.5AI score
Exploits0
Hacker One
Hacker One
added 2019/06/18 9:14 a.m.104 views

Shopify: Stored XSS in Discounts section

self-xss Impact 1.add Products, shop name is '"'' 2.click Discounts-code, https://mosuan-img-src-x.myshopify.com/admin/discounts/367541518396 3.add comments, Choose the goods just now. 4.alert...

0.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/06/17 11:8 a.m.13 views

netzpro.in XSS vulnerability

Open Bug Bounty ID: OBB-633279 Description| Value ---|--- Affected Website:| netzpro.in Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
The Hacker News
The Hacker News
added 2016/12/12 1:26 a.m.10 views

Become a Linux Expert — Get this Online 5-Course Training Bundle

Linux is considered as one of the most favorite operating systems for hackers and security researchers. The open source operating system is often used for building technologies as it offers developers much room for modifications. Linux is used on many hardware platforms, servers, gaming platforms...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2016/11/01 12:51 a.m.14 views

The Hacker News (THN) Celebrates 6th Anniversary Today

Can you believe that it's been 6 years since we first launched The Hacker News? Yes, The Hacker News is celebrating its sixth anniversary today on 1st November. We started this site on this same day back in 2010 with the purpose of providing a dedicated platform to deliver latest infosec news and...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2016/10/26 3:11 a.m.15 views

The Hacker News launches Online Deals Store – Get Best Deals & Offers

Hey readers, guess what? The Hacker News THN is about to complete its 6 years as a leading Information Security Channel – attracting over 9 Million readers worldwide – and a trusted source for Hacking, Cyber Security and Infosec News for the enthusiasts, technologists & nerds. In the special...

6.8AI score
Exploits0
Rows per page
Query Builder