14 matches found
EUVD-2019-0174
Malware in sbrugna...
DLA-4204-1 twitter-bootstrap3 - security update
Bulletin has no description...
DLA-4124-1 twitter-bootstrap3 - security update
Bulletin has no description...
bootstrap: XSS in the data-target attribute
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...
Cross-site Scripting in Bootstrap-3-Typeahead
Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter function. An attacker could exploit this via user interaction to execute code in the user's browser. This issue was introduced in commit dbd1af5bf and has not been fixed...
Cross site scripting
Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter function. An attacker could exploit this via user interaction to execute code in the user's browser...
CVE-2019-10215
CVE-2019-10215 is a cross-site scripting vulnerability in Bootstrap-3-Typeahead’s highlighter() function (affecting versions after 4.0.2). Exploitation required user interaction; the issue was introduced in commit dbd1af5bf and has been addressed in later advisories (e.g., GHSA-m2hm-hrr2-6P2Q) an...
CVE-2019-10215
Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter function. An attacker could exploit this via user interaction to execute code in the user's browser...
Bootstrap 3 Typeahead CVE-2019-10215 Cross Site Scripting Vulnerability
Description: Bootstrap 3 Typeahead is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...
JobSkee Open Source JobBoard 1.1.3 Database Disclosure
Exploit Title : JobSkee Open Source JobBoard 1.1.3 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 12/04/2019 Vendor Homepage : jobskee.com Software Download Link : jobskee.com/download.php Software Information Link :...
TheCarProject v2 - Multiple SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit Title: TheCarProject v2 - 'manid' SQL Inj. Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://thecarproject.org/ Software Link:...
TheCarProject 2 SQL Injection
Exploit Title: TheCarProject v2 - 'manid' SQL Inj. Dork: N/A Date: 17-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://thecarproject.org/ Software Link:...
TheCarProject 2 - Multiple SQL Injection
Exploit Title: TheCarProject v2 - 'manid' SQL Inj. Dork: N/A Date: 17-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://thecarproject.org/ Software Link:...
TheCarProject 2 - Multiple SQL Injection
Exploit Title: TheCarProject v2 - 'manid' SQL Inj. Dork: N/A Date: 17-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://thecarproject.org/ Software...