3632 matches found
Broadleaf Commerce Cross-Site Scripting Vulnerability
Broadleaf Commerce is an open-source Java e-commerce website framework developed by the Broadleaf Commerce team. A cross-site scripting vulnerability exists in Broadleaf Commerce version 5.1.14-GA, which stems from a slow HTTP post vulnerability. An attacker can exploit this vulnerability to execute JavaScript...
CVE-2020-21266
Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulnerability...
CVE-2020-21266
CVE-2020-21266 affects Broadleaf Commerce 5.1.14-GA and is caused by a slow HTTP POST that enables cross-site scripting (XSS) on the client. The impact is client-side script execution. A fix is referenced in Broadleaf release notes for 5.1.15-GA; upgrading to that version is the supported remedia...
Lot Reservation Management System 1.0 Cross Site Scripting
Exploit Title: lot reservation management system 1.0 - Stored Cross Site Scripting Date: 2020-10-22 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.html Software Link:...
Emotet Malware
Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State...
Mobile Shop System v1.0 - SQL Injection Authentication Bypass
Title: Mobile Shop System v1.0 - SQLi lead to authentication bypass Exploit Author: Moaaz Taha 0xStorm Date: 2020-09-08 Vendor Homepage: https://www.sourcecodester.com/php/14412/mobile-shop-system-php-mysql.html Software Link:...
Tourism Management System 1.0 - Arbitrary File Upload
Exploit Title: Tourism Management System 1.0 - Arbitrary File Upload Date: 2020-10-19 Exploit Author: Ankita Pal & Saurav Shukla Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=7204 Version: V1...
sigeprev.spprev.sp.gov.br Cross Site Scripting vulnerability OBB-1400412
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: sigeprev.spprev.sp.gov.br. Open...
recife.pe.gov.br Cross Site Scripting vulnerability OBB-1319339
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: recife.pe.gov.br. Open Bug Bount...
Mobile Shop System 1.0 SQL Injection
Title: Mobile Shop System v1.0 - SQLi lead to authentication bypass Exploit Author: Moaaz Taha 0xStorm Date: 2020-09-08 Vendor Homepage: https://www.sourcecodester.com/php/14412/mobile-shop-system-php-mysql.html Software Link:...
orchids.de Cross Site Scripting vulnerability OBB-1318347
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
jobdiva.com Cross Site Scripting vulnerability OBB-1302857
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: jobdiva.com. Open Bug Bounty...
[SECURITY] Fedora 31 Update: curl-7.66.0-3.fc31
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
hyurservice.am Cross Site Scripting vulnerability OBB-1299474
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
jobdiva.com Cross Site Scripting vulnerability OBB-1294002
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: jobdiva.com. Open Bug Bounty...
hemoam.am.gov.br Cross Site Scripting vulnerability OBB-1290733
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: hemoam.am.gov.br. Open Bug Bount...
paraibadosul.rj.gov.br Cross Site Scripting vulnerability OBB-1290704
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: paraibadosul.rj.gov.br. Open Bug...
hyurservice.am Cross Site Scripting vulnerability OBB-1281809
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...