356 matches found
guns.ru XSS vulnerability
Vulnerable URL: http://guns.ru/cgi-bin/search.cgi/search?act=search=xss"...
dailyfreegames.com XSS vulnerability
Open Bug Bounty ID: OBB-65790

Description | Value
---|---
Affected Website: | dailyfreegames.com
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide: | OWASP XSS Prevention Cheat...
holodilnik.ru XSS vulnerability
Vulnerable URL: http://holodilnik.ru/search/ ?search="...
baidu.com XSS vulnerability
Vulnerable URL: http://www.baidu.com/s?wd=site:...
ProjectPier 0.8.8 SP2 Cross Site Scripting
I was doing my RASP (Runtime Application Self-Protection) module testing on the latest version of Project Pier, i.e. 0.8.8 SP2, yesterday and found an XSS vulnerability in search...
goguides.org XSS vulnerability
Open Bug Bounty ID: OBB-46981

Description | Value
---|---
Affected Website: | goguides.org
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide: | OWASP XSS Prevention Cheat Sheet...
CVE-2014-1995
Cross-site scripting (XSS) vulnerability in the Map search functionality in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-4489
The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature...
Design/Logic Flaw
The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature...
CVE-2014-2280
Cross-site scripting (XSS) vulnerability in the search feature in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in the search feature in iTop (aka IT Operations Portal) 2.0, 1.2.1, 1.2, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) text parameter to pages/UI.php or (2) expression parameter to pages/runquery.php. NOTE: some ...
UAEPD Shopping Script SQL Injection
uaepd script Multiple SQL Injection Vulnerability | Author: AtT4CKxT3rR0r1ST | Contact: [email protected], [email protected] | Home: http://www.iphobos.com/blog/ | Script: http://www.uaepd.net/ | Dork:...
CVE-2012-2177
Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors related to the search feature...
Cross site scripting
Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors related to the search feature...
Hundreds of SSH Private Keys exposed via GitHub Search
GitHub is a source code repository which lets developers work on programs together as a team, even when they are in different locations. Each repository on the site is a public folder designed to hold the software code that a developer is working on. This Tuesday GitHub announced a major upgrades...
EFF Raises Questions on Privacy Leaks in Ubuntu
The EFF is warning users of Ubuntu’s latest release that the open-source operating system sends their search queries to third parties, including Amazon, by default, and that some of their search results may be viewable by other users on the same network. The privacy leaks are present in Ubuntu...
CVE-2011-5176
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Banana Dance, possibly B.1.5 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) q or (2) category parameter...
CVE-2012-3398
Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to cause a denial of service (CPU consumption) by using the advanced-search feature on a database activity that has many records...