
1035 matches found

Openbugbounty
added 2018/07/01 4:5 a.m., 8 views

resbook.com XSS vulnerability

Open Bug Bounty ID: OBB-639068

Description | Value
---|---
Affected Website: | resbook.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0

Hacker One
added 2018/06/02 9:35 p.m., 29 views

Liberapay: Liberapay Non Verified Account Takeover with signup feature

Hi, So I saw a strange behaviour of your web on signup feature when that can be escalated to Account Takeover but for limited timeline, Issue: When a new user signs up for an account on https://en.liberapay.com/ he has to enter his email address only and it doesn't say anything about sending a...

7 AI score
Exploits: 0

Hacker One
added 2018/05/31 11:13 a.m., 29 views

GSA Bounty: Multiple Bugs in api.data.gov/signup endpoint leads to send custom messages to Anyone

Hey there, while signing for new api key, I have found two bugs that are unusual and make anyone to send crafted or customised email to someone. Bug 1: - low 1. Go to https://api.data.gov/signup/ 2. Enter first and last name, then enter email id and get api key. Bug: You can use the same email id...

6.9 AI score
Exploits: 0

Openbugbounty
added 2018/04/26 6:33 p.m., 10 views

musclecarmag.com.au XSS vulnerability

Open Bug Bounty ID: OBB-608975

Description | Value
---|---
Affected Website: | musclecarmag.com.au
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0

Openbugbounty
added 2018/04/16 10:21 a.m., 11 views

blogmn.net XSS vulnerability

Open Bug Bounty ID: OBB-602800

Description | Value
---|---
Affected Website: | blogmn.net
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0

Openbugbounty
added 2018/04/10 11:55 a.m., 15 views

travel-solutions.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-600085

Description | Value
---|---
Affected Website: | travel-solutions.co.uk
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0

Openbugbounty
added 2018/04/07 7:53 p.m., 7 views

hermitageart.com XSS vulnerability

Open Bug Bounty ID: OBB-598465

Description | Value
---|---
Affected Website: | hermitageart.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0

Openbugbounty
added 2018/03/26 1:39 a.m., 9 views

mdundo.com XSS vulnerability

Open Bug Bounty ID: OBB-591711

Description | Value
---|---
Affected Website: | mdundo.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

6.3 AI score
Exploits: 0

Atlassian
added 2018/03/15 1:17 a.m., 28 views

Honeypot strategy is no longer effectively preventing spam account signup

Fix: From 3.9.5 onwards we have turned off the honeypot in favour of using captcha; anyone affected by this issue just needs to switch the CAPTCHA on...

7.7 AI score
Exploits: 0

Atlassian
added 2018/03/15 1:17 a.m., 557 views

Honeypot strategy is no longer effectively preventing spam account signup

Fix: From 3.9.5 onwards we have turned off the honeypot in favour of using captcha; anyone affected by this issue just needs to switch the CAPTCHA on...

7.4 AI score
Exploits: 0, Affected Software: 1

CNVD
added 2018/03/07 12:0 a.m., 1 views

HamayeshNegar CMS signup component SQL injection vulnerability

HamayeshNegar CMS is a content management system. The signup component is one of its signup functionality components. A SQL injection vulnerability exists in the users/signup.php file of the signup component in HamayeshNegar CMS. The vulnerability can be exploited by a remote attacker to execute...

9.8 CVSS, 8.6 AI score, 0.01476 EPSS
Exploits: 1, References: 1

Openbugbounty
added 2018/02/28 1:30 p.m., 20 views

files.mycloud.com XSS vulnerability

Open Bug Bounty ID: OBB-571030

Description | Value
---|---
Affected Website: | files.mycloud.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

6.3 AI score
Exploits: 0

NVD
added 2018/02/22 4:29 p.m., 15 views

CVE-2017-18194

SQL injection vulnerability in users/signup.php in the "signup" component in HamayeshNegar CMS allows a remote attacker to execute arbitrary SQL commands via the "utype" parameter...

9.8 CVSS, 9.9 AI score, 0.01476 EPSS
Exploits: 1, References: 2

Cvelist
added 2018/02/22 4:0 p.m., 18 views

CVE-2017-18194

SQL injection vulnerability in users/signup.php in the "signup" component in HamayeshNegar CMS allows a remote attacker to execute arbitrary SQL commands via the "utype" parameter...

9.9 AI score, 0.01476 EPSS
Exploits: 1, References: 2

CVE
added 2018/02/22 4:0 p.m., 52 views

CVE-2017-18194

HamayeshNegar CMS is affected in its signup component (users/signup.php). The vulnerability is a SQL injection caused by the utype parameter, allowing a remote attacker to execute arbitrary SQL commands. The exploitation details are not provided in the documents; no patch or remediation steps are...

9.8 CVSS, 9.8 AI score, 0.01476 EPSS
Exploits: 1, References: 2, Affected Software: 1

Prion
added 2018/01/29 5:29 p.m., 15 views

Authentication flaw

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an issue in the Jenkins user database authentication realm: create an account if signup is enabled; or create an account if the victim is an administrator, possibly deleting the existing default admin user in th...

6.8 CVSS, 8.7 AI score, 0.07088 EPSS
Exploits: 1, References: 2, Affected Software: 1

Openbugbounty
added 2018/01/20 8:15 p.m., 11 views

earthcam.com XSS vulnerability

Open Bug Bounty ID: OBB-533665

Description | Value
---|---
Affected Website: | earthcam.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

6.3 AI score
Exploits: 0

Openbugbounty
added 2018/01/08 6:10 p.m., 13 views

hackaday.io XSS vulnerability

Open Bug Bounty ID: OBB-501311

Description | Value
---|---
Affected Website: | hackaday.io
Open Bug Bounty Program: | Not created yet
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Disclosure...

6.3 AI score
Exploits: 0

Openbugbounty
added 2017/12/21 10:29 a.m., 8 views

airbravocorp.com XSS vulnerability

Open Bug Bounty ID: OBB-456522

Description | Value
---|---
Affected Website: | airbravocorp.com
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide: | OWASP XSS Prevention Cheat...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/12/21 10:28 a.m., 24 views

identureandhearing.com XSS vulnerability

Open Bug Bounty ID: OBB-456521

Description | Value
---|---
Affected Website: | identureandhearing.com
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide: | OWASP XSS Prevention...

6.4 AI score
Exploits: 0