3632 matches found
Unrestricted file upload
An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to upload an arbitrary file via the file parameter in the HTTP POST body. A successful request returns the absolute, server-side filesystem path of the uploaded file...
CVE-2021-43973
An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to upload an arbitrary file via the file parameter in the HTTP POST body. A successful request returns the absolute, server-side filesystem path of the uploaded file...
CVE-2021-43972
An unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to copy arbitrary files on the server filesystem to the web root with an arbitrary filename via the tempFile and fileName parameters in the HTTP POST body...
Sysaid Technologies SysAid Security Vulnerability
SysAid is an IT service management solution from the Israeli company SysAid Technologies. A security vulnerability exists in SysAid ITIL, which could be exploited by an attacker to copy arbitrary files on the server file system to the Web root via the HTTP...
The vulnerability of the FUN_8004776c function (/formVirtualServ) of the D-Link DIR-809 wireless router allows an attacker to execute any code on the target system.
The vulnerability of the FUN_8004776c function (/formVirtualServ) of the D-Link DIR-809 wireless router is related to a stack buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code on the system through a crafted POST request...
icha.idaho.gov Cross Site Scripting vulnerability OBB-2305053
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: icha.idaho.gov. Open Bug Bounty...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4j-CVE-2021-44228 On December 5, 2021, Apache identified a...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
PoC exploit for CVE-2021-44228, a remote code execution vulnerab...
us.edu.pl Cross Site Scripting vulnerability OBB-2299762
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: us.edu.pl. Open Bug Bounty...
All Vulnerabilities for nhvrinweb.sos.nh.gov Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: nhvrinweb.sos.nh.gov. Open Bug...
All Vulnerabilities for mail.mfs.cm.gov.qa Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: mail.mfs.cm.gov.qa. Open Bug...
All Vulnerabilities for autodiscover.gca.gov.sa Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: autodiscover.gca.gov.sa. Open Bu...
odatv4.com Cross Site Scripting vulnerability OBB-2286963
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: odatv4.com. Open Bug Bounty...
skymetweather.com Cross Site Scripting vulnerability OBB-2284620
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: skymetweather.com. Open Bug Boun...
All Vulnerabilities for nhvrinweb.sos.nh.gov Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: nhvrinweb.sos.nh.gov. Open Bug...
unemat.br Cross Site Scripting vulnerability OBB-2276478
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: unemat.br. Open Bug Bounty...
entptest.hud.gov Cross Site Scripting vulnerability OBB-2276254
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: entptest.hud.gov. Open Bug Bount...
njparentlink.nj.gov Cross Site Scripting vulnerability OBB-2271172
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: njparentlink.nj.gov. Open Bug...
All Vulnerabilities for caliber.az Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: caliber.az. Open Bug Bounty...
metro.co.uk Cross Site Scripting vulnerability OBB-2261972
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: metro.co.uk. Open Bug Bounty...