83 matches found
EUVD-2021-15890
Malware in sbrugna...
EUVD-2021-15884
Malware in sbrugna...
EUVD-2021-15889
Malware in sbrugna...
EUVD-2021-15886
Malware in sbrugna...
EUVD-2021-15887
Malware in sbrugna...
EUVD-2021-15888
Malware in sbrugna...
EUVD-2022-36050
Malicious code in bioql PyPI...
CVE-2022-32984
BTCPay Server 1.3.0 through 1.5.3 allows a remote attacker to obtain sensitive information when a public Point of Sale app is exposed. The sensitive information, found in the HTML source code, includes the xpub of the store. Also, if the store isn't using the internal lightning node, the...
CVE-2021-29247
BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie...
CVE-2021-29245
BTCPay Server through 1.0.7.0 uses a weak method Next to produce pseudo-random values to generate a legacy API key...
CVE-2021-29246
BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. The attacker must craft a malicious plugin file with special characters to upload the file outside of the restricted directory...
CVE-2021-29248
BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the Secure flag for a cookie...
CVE-2021-29250
BTCPay Server through 1.0.7.0 suffers from a Stored Cross Site Scripting XSS vulnerability within the POS Add Products functionality. This enables cookie stealing...
CVE-2021-29251
BTCPay Server before 1.0.7.1 mishandles the policy setting in which users can register in Server Settings Policies. This affects Docker use cases in which a mail server is configured...
CVE-2021-29249
BTCPay Server before 1.0.6.0, when the payment button is used, has a privacy vulnerability...
BTCPay Server 1.7.4 HTML Injection
Exploit Title: BTCPay Server v1.7.4 - HTML Injection Date: 01/26/2023 Exploit Author: Manojkumar J TheWhiteEvil Vendor Homepage: https://github.com/btcpayserver/btcpayserver Software Link: https://github.com/btcpayserver/btcpayserver/releases/tag/v1.7.5 Version: clickhere 3. Click remove/delete A...
BTCPay Server v1.7.4 - HTML Injection Vulnerability
Exploit Title: BTCPay Server v1.7.4 - HTML Injection Exploit Author: Manojkumar J TheWhiteEvil Vendor Homepage: https://github.com/btcpayserver/btcpayserver Software Link: https://github.com/btcpayserver/btcpayserver/releases/tag/v1.7.5 Version: clickhere 3. Click remove/delete API key, the html...
BTCPay Server v1.7.4 - HTML Injection
Exploit Title: BTCPay Server v1.7.4 - HTML Injection Date: 01/26/2023 Exploit Author: Manojkumar J TheWhiteEvil Vendor Homepage: https://github.com/btcpayserver/btcpayserver Software Link: https://github.com/btcpayserver/btcpayserver/releases/tag/v1.7.5 Version: clickhere 3. Click remove/delete A...
BTCPay Server 跨站脚本漏洞
BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. A cross-site scripting vulnerability exists in BTCPay Server versions prior to 1.8.3. An attacker exploited the vulnerability to perform a cross-site scripting attack...
PT-2023-16782 · Unknown · Btcpay Server
Name of the Vulnerable Software and Affected Versions: btcpayserver/btcpayserver versions prior to 1.8.0 Description: The issue is related to improper neutralization of equivalent special elements. There is no information provided about the estimated number of potentially affected devices worldwi...