All Vulnerabilities for welcometoillyria.bpt.me Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

All Vulnerabilities for bartramseedswap.bpt.me Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

thaischool.in.th Cross Site Scripting vulnerability OBB-2066705

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

All Vulnerabilities for mkvcinemas.tube Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

koreascience.or.kr Cross Site Scripting vulnerability OBB-2062051

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| koreascience.or.kr ---|--- Open Bug...

All Vulnerabilities for dolcegabbana.com Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Microsoft SharePoint Server 16.0.10372.20060 - (GetXmlDataFromDataSource) SSRF Exploit

Exploit Title: Microsoft SharePoint Server 16.0.10372.20060 - 'GetXmlDataFromDataSource' Server-Side Request Forgery SSRF Exploit Author: Alex Birnberg Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=57462 Version: 16.0.10372.20060 Tested on: Windows Server 2019 CVE :...

directory.warwickshire.gov.uk Cross Site Scripting vulnerability OBB-2040720

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| directory.warwickshire.gov.uk ---|---...

viewsonic.com Cross Site Scripting vulnerability OBB-2037218

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

HealthForYou 1.11.1 / HealthCoach 2.9.2 Account Takeover

Trovent Security Advisory 2104-02 Account takeover with only email address possible Overview Advisory ID: TRSA-2104-02 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2104-02 Affected product: HealthForYou & Sanitas HealthCoach mobile and web...

All Vulnerabilities for appmaker.xyz Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| appmaker.xyz ---|--- Open Bug Bounty...

vanderbilt.edu Cross Site Scripting vulnerability OBB-2034781

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| vanderbilt.edu ---|--- Open Bug Bounty...

infobip.com Cross Site Scripting vulnerability OBB-2032621

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

All Vulnerabilities for cedcommerce.com Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

marketscreener.com Cross Site Scripting vulnerability OBB-2032336

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

CVE-2020-26679

vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference or event can modify any other users profile information or profile picture. After receiving any user's unique identification number and their own, an HTTP POST request can be made update their profil...

passeportsante.net Cross Site Scripting vulnerability OBB-2022750

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| passeportsante.net ---|--- Open Bug...

ouedkniss.com Cross Site Scripting vulnerability OBB-2019952

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Cross-site Scripting (XSS) - Stored in changeweb/unifiedtransform

✍️ Description Stored Cross Site Scripting in the message/all.blade.php. 🕵️‍♂️ Proof of Concept As a teacher, click on "My Courses" and then "message students". CKEditor hides the underlying where we can add tag or capture the request in a proxy like burpsuite and edit the HTTP POST request. Select...

Pega Infinity登陆绕过漏洞（CVE-2021-27651）

Summary An attacker can bypass all stages of the password reset flow and reset any user's account on Pega infinity. This is done by 1 initiating the password reset flow and typing in the victim email, then 2 forcing the HTTP POST request to update the password through. An attacker could login usi...