chip.de Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1022562 Security Researcher D34D Helped patch 277 vulnerabilities Received 5 Coordinated Disclosure badges Received 12 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting chip.de website and its users...

chip.de XSS vulnerability

Vulnerable URL: http://www.chip.de/sspecials/DSL-Vergleichsrechner68629483.html?area=asdf%22%3E%3C%2Fiframe%3E%3Csvg%20onload=alert%22OPENBUGBOUNTY%22%3E=16000 Details: Description| Value ---|--- Patched:| Yes, at 09.09.2017 Latest check for patch:| 09.09.2017 17:03 GMT Vulnerability type:| XSS...

chip.de XSS vulnerability

Vulnerable URL: http://www.chip.de/Test-MP3-Player13608499.html/x%22%3E%3CsvG%20onLoad=promptOPENBUGBOUNTY%3E Details: Description| Value ---|--- Patched:| Yes, at 27.09.2017 Latest check for patch:| 27.09.2017 06:17 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...

myMP3-Player 3.0 - Buffer Overflow Exploit

No description provided by source. Exploit Title: myMP3-Player 3.0 NOT SEH Overwrite Date: 8 / 8 / 2010 Author: Oh Yaw Theng Software Link: http://www.chip.de/downloads/myMP3-Player-3.013008621.html Version: 3.0 Tested on: Windows XP SP 2 CVE : N / A !/usr/bin/python filename = crash.m3u junk =...

Unfixed XSS vulnerability at www.chip.de

Security researcher watt, has submitted on 13/12/2010 a cross-site-scripting XSS vulnerability affecting www.chip.de, which at the time of submission ranked 433 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/12/2011. It is currently unfixed...

myMP3-Player 3.0 - '.m3u' Local Buffer Overflow (SEH)

!/usr/bin/perl Title: myMP3-Player v3.0 .m3u Local Buffer Overflow Exploit SEH Date: 18.03.2010 Author: n3w7u Software Link: http://www.chip.de/downloads/myMP3-Player-3.013008621.html Version: 3.0 and the other version can't be download from serious Page, and don't be free. Tested on: Windows XP...