EUVD-2016-0719

Malware in sbrugna...

CVE-2024-12098

The ARS Affiliate Page Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'utmkeyword' parameter in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-12098 ARS Affiliate Page Plugin <= 2.0.2 - Reflected Cross-Site Scripting

The ARS Affiliate Page Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'utmkeyword' parameter in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-12098

CVE-2024-12098 affects the ARS Affiliate Page Plugin for WordPress. The issue is a Reflected Cross-Site Scripting via the utm_keyword parameter in all versions up to and including 2.0.2, allowing unauthenticated attackers to inject scripts in pages executed when a user clicks a crafted link. A pa...

WordPress plugin ARS Affiliate Page Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

The Present and Future of TV Surveillance

Ars Technica has a good article on whats happening in the world of television surveillance. More than even I realized...

ars-sacra.hu Cross Site Scripting vulnerability OBB-3943971

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

UNC4990 Leverage Hosting Platforms in USB Infection Chain

Summary: UNC4990, a financially motivated threat actor, has been observed targeting organizations in Italy by utilizing weaponized USB drives as an initial infection vector. Additionally, they are employing trusted websites such as Vimeo, GitHub, and Ars Technica to host encoded payloads disguise...

Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware

A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks single out multiple industries, including health, transportation, construction, and logistics. "UNC499...

ars-produktion.de Cross Site Scripting vulnerability OBB-3400228

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ars-inveniendi.com Cross Site Scripting vulnerability OBB-3112319

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

be.dnsbelgium:rdap-server (>=0.3.3 <=1.0.3), com.arsframework:ars-module-cms (>=1.0.0 <=1.1.4) +379 more potentially affected by CVE-2014-0097 via org.springframework.security:spring-security-core (>=3.1.0.RELEASE <=3.1.4.RELEASE)

org.springframework.security:spring-security-core MAVEN version =3.1.0.RELEASE, =0.3.3, =1.0.0, =1.0.0, =1.0.0, =1.2.1, =1.2.1, =1.3.6, =1.0.0-alpha2, =1.5, =1.0.0, =3.0.4, =3.0.5 - com.github.ptomli.bedrock:bedrock-core =1.0.0 - com.github.yongjacky:jee.borneo.miri =1.1.6 -...

ars-produktion.de Cross Site Scripting vulnerability OBB-1411742

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ars-24.com Cross Site Scripting vulnerability OBB-1383095

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ars-24.com Cross Site Scripting vulnerability OBB-1371628

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ars-24.com Cross Site Scripting vulnerability OBB-1364369

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ars-24.com Cross Site Scripting vulnerability OBB-1355154

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ars-24.com Cross Site Scripting vulnerability OBB-1344443

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ars-dessous.de Cross Site Scripting vulnerability OBB-1328431

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ars-24.com Cross Site Scripting vulnerability OBB-1321928

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...