21 matches found
A week in security (November 4 – November 10)
Last week on Malwarebytes Labs: Hello again, FakeBat: popular loader returns after months-long hiatus TikTok ordered to close Canada offices following "national security review" Air fryers are the latest surveillance threat you didn’t consider Malwarebytes acquires AzireVPN to fuel additional VPN...
City of Columbus breach affects around half a million citizens
A ransomware attack against the City of Columbus, Ohio—which drew public scrutiny following the city government's attempt to silence a researcher who told the public about the attack—has received a little more detail from an unexpected source: The Attorney General for the state of Maine. In a dat...
City of Columbus tries to silence security researcher
The City of Columbus, Ohio is suing a security researcher for sharing stolen data. All the complaint will accomplish, we imagine, is spotlight the ignorance of certain city officials in handling a common security matter. What happened is that the City of Columbus was attacked by a ransomware grou...
jaincentercolumbus.org Cross Site Scripting vulnerability OBB-3938704
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
columbusautomall.com Cross Site Scripting vulnerability OBB-3565296
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
columbus-theater.com Cross Site Scripting vulnerability OBB-3552851
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
columbuschill.net Cross Site Scripting vulnerability OBB-3343289
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
columbusdaylilies.org Cross Site Scripting vulnerability OBB-3299277
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
columbus-theater.com Cross Site Scripting vulnerability OBB-3228742
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
columbus-theater.com Cross Site Scripting vulnerability OBB-3226501
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
columbus-hotel.de Cross Site Scripting vulnerability OBB-2802953
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
columbuscommons.org Open Redirect vulnerability OBB-2348638
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
columbusfreecarinsurancequotes.com Cross Site Scripting vulnerability OBB-1423554
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
columbusgrandhotel.com Cross Site Scripting vulnerability OBB-1282055
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
leadership.columbusstate.edu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1006496 Security Researcher devl00p Helped patch 3019 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting...
finaid.columbusstate.edu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1005000 Security Researcher devl00p Helped patch 3000 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting finaid.columbusstate.edu...
sga.columbusstate.edu XSS vulnerability
Open Bug Bounty ID: OBB-626498 Description| Value ---|--- Affected Website:| sga.columbusstate.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
aa.columbusstate.edu XSS vulnerability
Open Bug Bounty ID: OBB-456036 Description| Value ---|--- Affected Website:| aa.columbusstate.edu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...
columbus-theater.com XSS vulnerability
Open Bug Bounty ID: OBB-360982 Description| Value ---|--- Affected Website:| columbus-theater.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...
columbusohcoc.wliinc24.com Open Redirect vulnerability
Vulnerable URL: http://columbusohcoc.wliinc24.com/CWT/External/WCPages/WCBanners/BannerReferral.aspx?ProfileID=116682=22=0=http://xssposed.org Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 12:41 GMT Vulnerability type:| Open Redirect...