Lucene search

3632 matches found

Openbugbounty
added 2021/08/04 2:8 p.m., 10 views

cervantesvirtual.com Cross Site Scripting vulnerability OBB-2105351

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: cervantesvirtual.com. Open Bug...

6.3 AI score
Exploits: 0
Openbugbounty
added 2021/08/03 3:43 a.m., 7 views

All Vulnerabilities for mangahere.cc Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

Exploits: 0
Openbugbounty
added 2021/07/25 12:57 p.m., 11 views

idokep.hu Cross Site Scripting vulnerability OBB-2095506

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: idokep.hu. Open Bug Bounty...

6.2 AI score
Exploits: 0
Fedora
added 2021/07/23 1:6 a.m., 91 views

[SECURITY] Fedora 34 Update: curl-7.76.1-7.fc34

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

6.5 CVSS, 6.8 AI score, 0.0627 EPSS
Exploits: 5
Openbugbounty
added 2021/07/20 10:52 a.m., 7 views

nordbayern.de Cross Site Scripting vulnerability OBB-2092601

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: nordbayern.de. Open Bug Bounty...

6.3 AI score
Exploits: 0
Openbugbounty
added 2021/07/19 2:42 p.m., 8 views

moh.gov.cy Cross Site Scripting vulnerability OBB-2091063

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: moh.gov.cy. Open Bug Bounty...

6.3 AI score
Exploits: 0
Openbugbounty
added 2021/07/19 12:42 p.m., 10 views

eeagrants.gov.cy Cross Site Scripting vulnerability OBB-2090625

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: eeagrants.gov.cy. Open Bug Bount...

6.3 AI score
Exploits: 0
Openbugbounty
added 2021/07/13 11:25 p.m., 13 views

All Vulnerabilities for elearning.lavoro.gov.it Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: elearning.lavoro.gov.it. Open Bu...

6.3 AI score
Exploits: 0
Openbugbounty
added 2021/07/13 10:49 p.m., 9 views

All Vulnerabilities for eformar.sg.mtsss.gov.pt Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: eformar.sg.mtsss.gov.pt. Open Bu...

Exploits: 0
NVD
added 2021/07/12 8:15 p.m., 13 views

CVE-2021-24385

The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from an HTTP POST request. This is a major vulnerability as the user input is not escaped and passed directly to the get_col function and it allows SQL injection. The Rest...

9.8 CVSS, 0.02793 EPSS
Exploits: 2, References: 2
Prion
added 2021/07/12 8:15 p.m., 14 views

SQL injection

The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from an HTTP POST request. This is a major vulnerability as the user input is not escaped and passed directly to the get_col function and it allows SQL injection. The Rest...

7.5 CVSS, 9.8 AI score, 0.02793 EPSS
Exploits: 2, References: 2, Affected Software: 1
CVE
added 2021/07/12 7:20 p.m., 57 views

CVE-2021-24385

The CVE-2021-24385 entry concerns the WordPress Filebird Plugin (v4.7.3). The vulnerability is a SQL injection caused by unescaped user input in SQL queries derived from an HTTP POST request, with the vulnerable code path invoked by a REST API endpoint that requires no authentication. This makes t...

9.8 CVSS, 9.9 AI score, 0.02793 EPSS
Exploits: 2, References: 2, Affected Software: 1
NVD
added 2021/07/07 3:15 p.m., 14 views

CVE-2021-33217

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root...

9 CVSS, 0.01376 EPSS
Exploits: 2, References: 2
Prion
added 2021/07/07 3:15 p.m., 11 views

Design/Logic Flaw

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root...

9 CVSS, 8.9 AI score, 0.01376 EPSS
Exploits: 2, References: 2, Affected Software: 1
Cvelist
added 2021/07/07 2:7 p.m., 18 views

CVE-2021-33217

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root...

9.2 AI score, 0.01376 EPSS
Exploits: 2, References: 2
Exploit DB
added 2021/07/05 12:0 a.m., 364 views

Church Management System 1.0 - 'password' SQL Injection (Authentication Bypass)

Exploit Title: Church Management System 1.0 - 'password' SQL Injection Authentication Bypass Date: 07/03/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11206/church-management-system.html Versio...

7 AI score
Exploits: 0
NVD
added 2021/06/28 3:15 p.m., 21 views

CVE-2021-28588

Adobe RoboHelp Server version 2019.0.9 and earlier is affected by a Path Traversal vulnerability when parsing a crafted HTTP POST request. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue...

9 CVSS, 0.06215 EPSS
Exploits: 0, References: 1
OSV
added 2021/06/28 3:15 p.m., 4 views

CVE-2021-28588

Adobe RoboHelp Server version 2019.0.9 and earlier is affected by a Path Traversal vulnerability when parsing a crafted HTTP POST request. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue...

8.8 CVSS, 7.8 AI score, 0.06215 EPSS
Exploits: 0, References: 1
Prion
added 2021/06/28 3:15 p.m., 18 views

Path traversal

Adobe RoboHelp Server version 2019.0.9 and earlier is affected by a Path Traversal vulnerability when parsing a crafted HTTP POST request. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue...

9 CVSS, 8.6 AI score, 0.06215 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2021/06/28 2:13 p.m., 28 views

CVE-2021-28588 Adobe RoboHelp Server folderId Directory Traversal Remote Code Execution Vulnerability

Adobe RoboHelp Server version 2019.0.9 and earlier is affected by a Path Traversal vulnerability when parsing a crafted HTTP POST request. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue...

8.8 CVSS, 8.8 AI score, 0.06215 EPSS
Exploits: 0, References: 1