37 matches found
EUVD-2022-24844
Malicious code in bioql PyPI...
EUVD-2022-25054
Malicious code in bioql PyPI...
CVE-2022-1549
The WP Athletics WordPress plugin through 1.1.7 does not sanitize parameters before storing them in the database, nor does it escape the values when outputting them back in the admin dashboard, leading to a Stored Cross-Site Scripting vulnerability...
CVE-2022-1773
The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting...
kuathletics.com Improper Access Control vulnerability OBB-3822726
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
surreyathletics.org.uk Cross Site Scripting vulnerability OBB-3490917
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
catalystathletics.com Cross Site Scripting vulnerability OBB-3221624
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
surreyathletics.org.uk Cross Site Scripting vulnerability OBB-3033212
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
goldenathletics.co.uk Cross Site Scripting vulnerability OBB-2955530
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Automatic Cheating Detection in Human Racing
This is a fascinating glimpse of the future of automatic cheating detection in sports: Maybe you heard about the truly insane false-start controversy in track and field? Devon Allen--a wide receiver for the Philadelphia Eagles--was disqualified from the 110-meter hurdles at the World Athletics...
surreyathletics.org.uk Cross Site Scripting vulnerability OBB-2873380
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress WP Athletics plugin跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. WordPress WP Athletics plugin version 1.1.7 and earlier versions are vulnerable to a cross-site scripting...
CVE-2022-1773
The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-1773
The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-1549
The WP Athletics WordPress plugin through 1.1.7 does not sanitize parameters before storing them in the database, nor does it escape the values when outputting them back in the admin dashboard, leading to a Stored Cross-Site Scripting vulnerability...
CVE-2022-1549
The WP Athletics WordPress plugin through 1.1.7 does not sanitize parameters before storing them in the database, nor does it escape the values when outputting them back in the admin dashboard, leading to a Stored Cross-Site Scripting vulnerability...
Cross site scripting
The WP Athletics WordPress plugin through 1.1.7 does not sanitize parameters before storing them in the database, nor does it escape the values when outputting them back in the admin dashboard, leading to a Stored Cross-Site Scripting vulnerability...
CVE-2022-1773
The CVE-2022-1773 entry concerns the WP Athletics WordPress plugin (versions up to 1.1.7). The vulnerability arises because the plugin does not sanitize and escape a parameter before echoing it on an admin page, enabling a Reflected Cross-Site Scripting (XSS) attack. Several connected sources con...
CVE-2022-1549
CVE-2022-1549 affects the WordPress WP Athletics plugin up to version 1.1.7. The vulnerability is a Stored Cross-Site Scripting (XSS) due to input not being sanitized before database storage and not being escaped when output in the admin dashboard. Root cause: lack of input sanitization and outpu...
WordPress plugin WP Athletics 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress WP Athletics plugin version 1.1.7 and prior versions are vulnerable to a cross-site scripting...