129 matches found
CVE-2020-29437
SQL injection in the Buzz module of OrangeHRM through 4.6 allows remote authenticated attackers to execute arbitrary SQL commands via the orangehrmBuzzPlugin/lib/dao/BuzzDao.php loadMorePostsFormprofileUserId parameter to the buzz/loadMoreProfile endpoint...
Sql injection
SQL injection in the Buzz module of OrangeHRM through 4.6 allows remote authenticated attackers to execute arbitrary SQL commands via the orangehrmBuzzPlugin/lib/dao/BuzzDao.php loadMorePostsFormprofileUserId parameter to the buzz/loadMoreProfile endpoint...
CVE-2020-29437
SQL injection in the Buzz module of OrangeHRM through 4.6 allows remote authenticated attackers to execute arbitrary SQL commands via the orangehrmBuzzPlugin/lib/dao/BuzzDao.php loadMorePostsFormprofileUserId parameter to the buzz/loadMoreProfile endpoint...
CVE-2020-29437
CVE-2020-29437 describes an SQL injection in the Buzz module of OrangeHRM (up to version 4.6) that allows remote authenticated attackers to execute arbitrary SQL commands via the loadMorePostsForm[profileUserId] parameter to the buzz/loadMoreProfile endpoint. The underlying issue is unvalidated i...
worldofbuzz.com Improper Access Control vulnerability OBB-1381394
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Popcorn Buzz: Free Group Calls - Corrupted files, External URLs, KeyStore usage vulnerabilities
HackApp vulnerability scanner discovered that application Popcorn Buzz: Free Group Calls published at the 'play' market has multiple vulnerabilities...
Joomla EasyBlog Persistent XSS Vulnerability
No description provided by source. Name : Joomla EasyBlog Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://stackideas.com/products/easyblog.html Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd...
cms buzz (xss/pc/hi) Multiple Vulnerabilities
No description provided by source. + CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By ThE g0bL!N + Vendor:cmsbuzz.com + Note : If you are The S3r!0uS I say To Fuck you Because You are Hacked Site Of My Best Friends dz-boys.com + Demo:http://demo.cmsbuzz.com/ + Greeting ...
Google Privacy Director Alma Whitten Leaving
Alma Whitten, the director of privacy at Google, is stepping down from that role and leaves behind her a complicated legacy in regards to user privacy. Whitten has been the company’s top product and engineering privacy official since 2010 and was at the helm as the company navigated a number of...
Page's CEO Letter Gives Short Shrift To Privacy, Security
Privacy and security are not the top concerns for Google’s Larry Page, at least if the CEO’s most recent message to investors is any indication. The 3,500 word letter makes scant mention of either security or user privacy and gives the public little indication of Google’s plans to address the...
Google, Advertising Companies, Found Bypassing Safari Privacy Settings
Google and several other advertising companies have allegedly been evading the privacy controls of Apple’s Safari browser by placing a special kind of tracking code on a handful of sites, according to new research done by Stanford grad student Jonathan Mayer. To follow up on Mayer’s work,...
FTC: Google Used Deceptive Practices In Buzz Social Network
Search giant Google has agreed to settle a case with the U.S. Federal Trade Commission on Wednesday over charges that it used deceptive tactics and violated its own privacy policy when it launched Google Buzz, a social network, in 2010. Google agreed to implement a comprehensive privacy program a...
Joomla EasyBlog Cross Site Scripting
Name : Joomla EasyBlog Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://stackideas.com/products/easyblog.html Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger greetz to...
Joomla! Component EasyBlog - Persistent Cross-Site Scripting
Joomla! Component EasyBlog - Persistent Cross-Site Scripting Name : Joomla EasyBlog Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://stackideas.com/products/easyblog.html Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd...
Google Buzz XSS Flaw Fixed
Google has fixed a Web flaw that gave hackers a way to take control of Google Buzz accounts. Read the full article. Computerworld...
Google Buzz Open to XSS Hacks
A common Web programming error could give hackers a way to take over Google Buzz accounts with cross site scripting, a security expert said. Read the full article. Computerworld...
CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities
CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By xhaxkerx + Vendor: http://www.c99.mobi + Note : If you are The S3r!0uS I say To Fuck you Because You are Hacked Site Of My Best Friends dz-boys.com + Demo:http://demo.cmsbuzz.com/ + Greeting : yasin Remote Changing...
CMS Buzz Cross Site Scripting
CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By ThE g0bL!N + Vendor:cmsbuzz.com + Note : If you are The S3r!0uS I say To Fuck you Because You are Hacked Site Of My Best Friends dz-boys.com + Demo:http://demo.cmsbuzz.com/ + Greeting : All my freinds Dz Remote Changing...
CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ==================================================== CMS Buzz XSS/PC/HI Multiple Remote Vulnerabilities ==================================================== + CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By ThE...
CMS buzz - Cross-Site Scripting Password Change HTML Injection
CMS buzz - Cross-Site Scripting Password Change HTML Injection + CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By ThE g0bL!N + Vendor:cmsbuzz.com + Note : If you are The S3r!0uS I say To Fuck you Because You are Hacked Site Of My Best Friends dz-boys.com +...