villapetra-bol.com Cross Site Scripting vulnerability OBB-3251539

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2021-38330 Yet Another bol.com Plugin <= 1.4 Reflected Cross-Site Scripting

The Yet Another bol.com Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /yabp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4...

CVE-2021-38330 Yet Another bol.com Plugin <= 1.4 Reflected Cross-Site Scripting

The Yet Another bol.com Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /yabp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4...

CVE-2021-38330

The CVE-2021-38330 entry concerns the Yet Another bol.com WordPress plugin. Multiple connected sources confirm a Reflected Cross-Site Scripting (XSS) vulnerability caused by a reflected $_SERVER["PHP_SELF"] value in yabp.php, affecting versions up to and including 1.4. Impact described as the abi...

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin Yet Another bol.com, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability to...

WordPress Yet Another bol.com plugin <= 1.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress Yet Another bol.com plugin versions = 1.4. Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review...

Yet Another bol.com Plugin <= 1.4 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /yabp.php file which allows attackers to inject arbitrary web scripts...

See how I found Bol. com website the XXE vulnerability and successfully exploited-vulnerability warning-the black bar safety net

In a previous report, we learned a lot about in the visitor's browser to execute code knowledge; reflection typeXSSand a storage typeXSS. In addition, we also quickly see the error configuration of the server settings and Open Redirect open-type redirect to. Today, we will explore how from the...

bol.com - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application bol.com published at the 'play' market has multiple vulnerabilities...