10 matches found
zimmereishop.de XSS vulnerability
Open Bug Bounty ID: OBB-658960

Description| Value
---|---
Affected Website:| zimmereishop.de
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

baeckerei-klix.de XSS vulnerability
Open Bug Bounty ID: OBB-658958

Description| Value
---|---
Affected Website:| baeckerei-klix.de
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

pvc-tischdecke.de XSS vulnerability
Open Bug Bounty ID: OBB-658654

Description| Value
---|---
Affected Website:| pvc-tischdecke.de
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

abrilbooks.com XSS vulnerability
Open Bug Bounty ID: OBB-658090

Description| Value
---|---
Affected Website:| abrilbooks.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

hf4you.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-658085

Description| Value
---|---
Affected Website:| hf4you.co.uk
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

bernstockspeirs.com XSS vulnerability
Open Bug Bounty ID: OBB-658072

Description| Value
---|---
Affected Website:| bernstockspeirs.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

rolgordijnstore.nl XSS vulnerability
Open Bug Bounty ID: OBB-658070

Description| Value
---|---
Affected Website:| rolgordijnstore.nl
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

Magento Mage_Adminhtml_Block_Report_Search_Grid Class 'popularity' Parameter SQLi
The Magento application running on the remote web server is affected by a SQL injection vulnerability due to a failure to properly sanitize the user-supplied range inputs to the 'popularity' parameter of the Mage_Adminhtml_Block_Report_Search_Grid class. An unauthenticated, remote attacker can exploit...
CVE-2015-1398
Multiple directory traversal vulnerabilities in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote authenticated users to include and execute certain PHP files via (1) .. (dot dot) sequences in the PATH_INFO to index.php or (2) vectors involving a block value in the...
Magento 1.2 app/code/core/Mage/Adminhtml/controllers/IndexController.php email Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/33872/info Magento is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affect...