3632 matches found
clct.franklincountyohio.gov Cross Site Scripting vulnerability OBB-2179832
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| clct.franklincountyohio.gov ---|--- Ope...
All Vulnerabilities for cxz.gov.cn Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| cxz.gov.cn ---|--- Open Bug Bounty...
interempresas.net Cross Site Scripting vulnerability OBB-2172106
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| interempresas.net ---|--- Open Bug Boun...
cityofrushville.in.gov Cross Site Scripting vulnerability OBB-2169366
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| cityofrushville.in.gov ---|--- Open Bug...
Yellowfin Cross-Site Scripting Vulnerability
Yellowfin is a business intelligence automated analytics, cross-vendor narrative and collaboration software suite. A stored cross-site scripting vulnerability exists in the video embedding feature in Yellowfin versions prior to 9.6.1. An attacker can exploit this vulnerability by sending a...
CVE-2021-36387
In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulnerability in the video embed functionality exploitable through a specially crafted HTTP POST request to the page "ActivityStreamAjax.i4"...
CVE-2021-36387
In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulnerability in the video embed functionality exploitable through a specially crafted HTTP POST request to the page "ActivityStreamAjax.i4"...
Cross site scripting
In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulnerability in the video embed functionality exploitable through a specially crafted HTTP POST request to the page "ActivityStreamAjax.i4"...
CVE-2021-36387
In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulnerability in the video embed functionality exploitable through a specially crafted HTTP POST request to the page "ActivityStreamAjax.i4"...
CVE-2021-36387
In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulnerability in the video embed functionality exploitable through a specially crafted HTTP POST request to the page "ActivityStreamAjax.i4"...
All Vulnerabilities for alistamento.eb.mil.br Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| alistamento.eb.mil.br ---|--- Open Bug...
webTareas SQL Injection Vulnerability
webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A security vulnerability exists in webTareas 2.4 and earlier versions, where an unauthenticated user can perform time and...
guiamais.com.br Cross Site Scripting vulnerability OBB-2160276
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| guiamais.com.br ---|--- Open Bug Bounty...
ajmadison.com Cross Site Scripting vulnerability OBB-2159784
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| ajmadison.com ---|--- Open Bug Bounty...
CVE-2021-41920
webTareas version 2.4 and earlier allows an unauthenticated user to perform Time and Boolean-based blind SQL Injection on the endpoint /includes/library.php, via the sorcible, sorchamps, and sorordre HTTP POST parameters. This allows an attacker to access all the data in the database and obtain...
Code injection
webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions. This is working by adding or replacing a personal profile picture. The affected endpoint is /includes/upload.php on the HTTP POST data. This allows an attacker to...
bag.bund.de Cross Site Scripting vulnerability OBB-2158973
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| bag.bund.de ---|--- Open Bug Bounty...
All Vulnerabilities for amri.ninds.nih.gov Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| amri.ninds.nih.gov ---|--- Open Bug...
All Vulnerabilities for agisportal.lanl.gov Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| agisportal.lanl.gov ---|--- Open Bug...
Online Traffic Offense Management System 1.0 Cross Site Scripting
Exploit Title: Online Traffic Offense Management System 1.0 - Multiple XSS Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...