
75 matches found

Carbon Black Blog
added 2020/12/07 4:0 p.m. | 39 views

Protect Yourself from Holiday Cyber Threats – Ask the Howlers, Episode 16 Highlights

In episode 16 of “Ask the Howlers,” host Stacia Tympanick, senior solution engineer, met up with Ryan Hendricks, staff architect and manager, to discuss the latest topics concerning cybersecurity impacting the online holiday shopping season. Check out some highlights from the discussion and gain...

6.7 AI score
Exploits: 0

NVD
added 2019/11/06 12:15 a.m. | 13 views

CVE-2019-8142

A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via title of an order when configuring sales payment methods for a store...

5.4 CVSS | 5.2 AI score | 0.00556 EPSS
Exploits: 0 | References: 1

OSV
added 2019/11/06 12:15 a.m. | 16 views

CVE-2019-8142

A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via title of an order when configuring sales payment methods for a store...

5.4 CVSS | 5.4 AI score
Exploits: 0 | References: 1

Prion
added 2019/11/06 12:15 a.m. | 11 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via title of an order when configuring sales payment methods for a store...

3.5 CVSS | 5.1 AI score | 0.00556 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Packet Storm
added 2015/11/15 12:0 a.m. | 49 views

Wirecard Checkout Page 1.0 Price Manipulation

Advisory ID: SYSS-2015-061; Product: Wirecard Checkout Page; Manufacturer: Wirecard AG; Affected Versions: 1.0; Tested Versions: 1.0; Vulnerability Type: Improper Validation of Integrity Check Value (CWE-354); Risk Level: High; Solution Status: Fixed...

7.4 AI score
Exploits: 0

Hacker One
added 2015/10/05 9:22 p.m. | 16 views

Shopify: Accessing Payments page and adding payment methods with limited access accounts

Users with the Orders permission were allowed to see the store's payment gateway information. This page should have been restricted to users with the Settings permission only. Using this vulnerability a User with limited access/ No access to Settings could add/alter/change Payment settings while...

3.8 AI score
Exploits: 0

Drupal
added 2014/10/29 12:0 a.m. | 14 views

SA-CONTRIB-2014-106 - Commerce Authorize.Net SIM/DPM Payment Methods - Access Bypass

This module provides payment methods for the Drupal Commerce package to permit the use of the Authorize.Net payment gateway's SIM and DPM payment protocols. Access Bypass: The module doesn't sufficiently protect the Drupal Commerce order number passed to the Authorize.Net payment gateway, allowing...

7.1 AI score
Exploits: 0 | References: 13

Hacker One
added 2014/09/08 1:41 a.m. | 13 views

X (Formerly Twitter): Delete Credit Cards from any Twitter Account in ads.twitter.com [New Vulnerability]

I've found a new critical logical vulnerability that allows deleting credit cards of any Twitter account in ads.twitter.com. The vulnerability affects the Dismiss functionality of credit cards in the payment methods section. The vulnerability is similar to the one I've reported earlier h1 report 272...

6.8 AI score
Exploits: 0

Packet Storm
added 2014/01/08 12:0 a.m. | 58 views

UAEPD Shopping Script SQL Injection

uaepd script – Multiple SQL Injection Vulnerability. Author: AtT4CKxT3rR0r1ST; Home: http://www.iphobos.com/blog/; Script: http://www.uaepd.net/; Dork: ...

0.1 AI score
Exploits: 0

ThreatPost
added 2013/10/21 11:31 a.m. | 16 views

Ransomware Now Accepting Bitcoin

A family of ransomware known as CryptoLocker has added the popular digital currency Bitcoin to the list of payment methods it accepts in exchange for the private key that will decrypt the files encrypted by the malware. According to a blogpost penned by AlienVault researcher Alberto Ortega, Bitco...

0.2 AI score
Exploits: 0 | References: 4

myhack58
added 2013/03/29 12:0 a.m. | 22 views

dedecms local file inclusion and Lilu-path leaked 0day-vulnerability warning-the black bar safety net

Dinner eating support, scan the following code digestion digestion. Recently Php0day group where the brothers are in the discussion of the dede hole more quickly under a jacket, with editplus search for a few keywords, and sure enough found some problems. Saying usually write code also like to us...

7.4 AI score
Exploits: 0

RubySec
added 2013/02/21 12:0 a.m. | 13 views

Spree payment_methods_controller.rb payment_method Parameter Arbitrary Ruby Object Instantiation Command Execution

Spree contains a flaw that is triggered when handling input passed via the 'payment_method' parameter to payment_methods_controller.rb. This may allow a remote authenticated attacker to instantiate arbitrary Ruby objects and potentially execute arbitrary commands...

5.1 AI score | 0.01531 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

myhack58
added 2011/05/15 12:0 a.m. | 13 views

ECshop payment methods 0day manual injection EXP-vulnerability warning-the black bar safety net

ECshop payment methods 0day manual injection of the study The original EXP: respond. php? code=tenpay&attach=voucher&spbillno=1 andselect 1 fromselect count,concatselect select SELECT concat0x7e,0x27,count,0x27,0x7e FROM ecs. ecsadminuser from the informationschema. tables limit 0,1,floorrand02x...

7.6 AI score
Exploits: 0

Packet Storm
added 2010/07/06 12:0 a.m. | 31 views

Bs Scripts_Directory SQL Injection

I'm Sid3^effects member from Inj3ct0r Team. Name: Bs Scripts_Directory Sqli/Auth Bypass Vulnerability; Date: July 5, 2010; Critical Level: HIGH; Vendor URL: http://www.brotherscripts.com/; Price: $24.95; Author: ...

7.4 AI score
Exploits: 0

0day.today
added 2010/07/05 12:0 a.m. | 32 views

Bs General_Classifieds Script Sql injection Vulnerability

Exploit for php platform in category web applications. Bs General_Classifieds Script Sql injection Vulnerability...

7.1 AI score
Exploits: 0