Lucene search
K

129 matches found

OSV
OSV
added 2021/01/05 9:15 p.m.18 views

CVE-2020-29437

SQL injection in the Buzz module of OrangeHRM through 4.6 allows remote authenticated attackers to execute arbitrary SQL commands via the orangehrmBuzzPlugin/lib/dao/BuzzDao.php loadMorePostsFormprofileUserId parameter to the buzz/loadMoreProfile endpoint...

8.1CVSS8.6AI score
Exploits0References4
Prion
Prion
added 2021/01/05 9:15 p.m.20 views

Sql injection

SQL injection in the Buzz module of OrangeHRM through 4.6 allows remote authenticated attackers to execute arbitrary SQL commands via the orangehrmBuzzPlugin/lib/dao/BuzzDao.php loadMorePostsFormprofileUserId parameter to the buzz/loadMoreProfile endpoint...

5.5CVSS8.4AI score0.02325EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2021/01/05 8:30 p.m.19 views

CVE-2020-29437

SQL injection in the Buzz module of OrangeHRM through 4.6 allows remote authenticated attackers to execute arbitrary SQL commands via the orangehrmBuzzPlugin/lib/dao/BuzzDao.php loadMorePostsFormprofileUserId parameter to the buzz/loadMoreProfile endpoint...

8.5AI score0.02325EPSS
Exploits1References4
CVE
CVE
added 2021/01/05 8:30 p.m.46 views

CVE-2020-29437

CVE-2020-29437 describes an SQL injection in the Buzz module of OrangeHRM (up to version 4.6) that allows remote authenticated attackers to execute arbitrary SQL commands via the loadMorePostsForm[profileUserId] parameter to the buzz/loadMoreProfile endpoint. The underlying issue is unvalidated i...

8.1CVSS8.4AI score0.02325EPSS
Exploits1References4Affected Software1
Openbugbounty
Openbugbounty
added 2020/10/04 12:38 p.m.10 views

worldofbuzz.com Improper Access Control vulnerability OBB-1381394

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.2AI score
Exploits0
hackapp
hackapp
added 2016/04/01 8:55 a.m.19 views

Popcorn Buzz: Free Group Calls - Corrupted files, External URLs, KeyStore usage vulnerabilities

HackApp vulnerability scanner discovered that application Popcorn Buzz: Free Group Calls published at the 'play' market has multiple vulnerabilities...

0.1AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Joomla EasyBlog Persistent XSS Vulnerability

No description provided by source. Name : Joomla EasyBlog Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://stackideas.com/products/easyblog.html Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

cms buzz (xss/pc/hi) Multiple Vulnerabilities

No description provided by source. + CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By ThE g0bL!N + Vendor:cmsbuzz.com + Note : If you are The S3r!0uS I say To Fuck you Because You are Hacked Site Of My Best Friends dz-boys.com + Demo:http://demo.cmsbuzz.com/ + Greeting ...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/04/01 4:52 p.m.12 views

Google Privacy Director Alma Whitten Leaving

Alma Whitten, the director of privacy at Google, is stepping down from that role and leaves behind her a complicated legacy in regards to user privacy. Whitten has been the company’s top product and engineering privacy official since 2010 and was at the helm as the company navigated a number of...

6.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2012/04/06 4:34 p.m.16 views

Page's CEO Letter Gives Short Shrift To Privacy, Security

Privacy and security are not the top concerns for Google’s Larry Page, at least if the CEO’s most recent message to investors is any indication. The 3,500 word letter makes scant mention of either security or user privacy and gives the public little indication of Google’s plans to address the...

6.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2012/02/17 5:25 p.m.7 views

Google, Advertising Companies, Found Bypassing Safari Privacy Settings

Google and several other advertising companies have allegedly been evading the privacy controls of Apple’s Safari browser by placing a special kind of tracking code on a handful of sites, according to new research done by Stanford grad student Jonathan Mayer. To follow up on Mayer’s work,...

1.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2011/03/30 4:45 p.m.10 views

FTC: Google Used Deceptive Practices In Buzz Social Network

Search giant Google has agreed to settle a case with the U.S. Federal Trade Commission on Wednesday over charges that it used deceptive tactics and violated its own privacy policy when it launched Google Buzz, a social network, in 2010. Google agreed to implement a comprehensive privacy program a...

2.3AI score
Exploits0References3
Packet Storm
Packet Storm
added 2010/07/13 12:0 a.m.35 views

Joomla EasyBlog Cross Site Scripting

Name : Joomla EasyBlog Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://stackideas.com/products/easyblog.html Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger greetz to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/07/12 12:0 a.m.21 views

Joomla! Component EasyBlog - Persistent Cross-Site Scripting

Joomla! Component EasyBlog - Persistent Cross-Site Scripting Name : Joomla EasyBlog Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://stackideas.com/products/easyblog.html Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2010/02/17 9:21 p.m.19 views

Google Buzz XSS Flaw Fixed

Google has fixed a Web flaw that gave hackers a way to take control of Google Buzz accounts. Read the full article. Computerworld...

2.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2010/02/17 2:57 p.m.10 views

Google Buzz Open to XSS Hacks

A common Web programming error could give hackers a way to take over Google Buzz accounts with cross site scripting, a security expert said. Read the full article. Computerworld...

1.1AI score
Exploits0References2
securityvulns
securityvulns
added 2009/06/22 12:0 a.m.41 views

CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities

CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By xhaxkerx + Vendor: http://www.c99.mobi + Note : If you are The S3r!0uS I say To Fuck you Because You are Hacked Site Of My Best Friends dz-boys.com + Demo:http://demo.cmsbuzz.com/ + Greeting : yasin Remote Changing...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/06/19 12:0 a.m.18 views

CMS Buzz Cross Site Scripting

CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By ThE g0bL!N + Vendor:cmsbuzz.com + Note : If you are The S3r!0uS I say To Fuck you Because You are Hacked Site Of My Best Friends dz-boys.com + Demo:http://demo.cmsbuzz.com/ + Greeting : All my freinds Dz Remote Changing...

7.4AI score
Exploits0
0day.today
0day.today
added 2009/06/18 12:0 a.m.11 views

CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ==================================================== CMS Buzz XSS/PC/HI Multiple Remote Vulnerabilities ==================================================== + CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By ThE...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/06/18 12:0 a.m.9 views

CMS buzz - Cross-Site Scripting Password Change HTML Injection

CMS buzz - Cross-Site Scripting Password Change HTML Injection + CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By ThE g0bL!N + Vendor:cmsbuzz.com + Note : If you are The S3r!0uS I say To Fuck you Because You are Hacked Site Of My Best Friends dz-boys.com +...

0.1AI score
Exploits0
Rows per page
Query Builder