EUVD-2025-4056

Malicious code in bioql PyPI...

CVE-2025-25146

Cross-Site Request Forgery CSRF vulnerability in saleandro Songkick Concerts and Festivals songkick-concerts-and-festivals allows Cross Site Request Forgery.This issue affects Songkick Concerts and Festivals: from n/a through = 0.9.7...

CVE-2025-25146

Cross-Site Request Forgery CSRF vulnerability in saleandro Songkick Concerts and Festivals songkick-concerts-and-festivals allows Cross Site Request Forgery.This issue affects Songkick Concerts and Festivals: from n/a through = 0.9.7...

CVE-2025-25146 WordPress Songkick Concerts and Festivals plugin <= 0.9.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in saleandro Songkick Concerts and Festivals allows Cross Site Request Forgery. This issue affects Songkick Concerts and Festivals: from n/a through 0.9.7...

CVE-2025-25146

CVE-2025-25146 arises from a CSRF flaw in the WordPress plugin Songkick Concerts and Festivals (vendor: saleandro) affecting versions up to 0.9.7 . The vulnerability permits unauthorized actions to be performed on behalf of authenticated users by exploiting cross-site requests. The CVE entry list...

CVE-2025-25146 WordPress Songkick Concerts and Festivals plugin <= 0.9.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in saleandro Songkick Concerts and Festivals songkick-concerts-and-festivals allows Cross Site Request Forgery.This issue affects Songkick Concerts and Festivals: from n/a through = 0.9.7...

WordPress plugin Songkick Concerts and Festivals 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in t...

PT-2025-5955 · Songkick · Songkick Concerts/Festivals

Name of the Vulnerable Software and Affected Versions: Songkick Concerts and Festivals versions 0.9.7 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by tricki...

WordPress Songkick Concerts and Festivals plugin <= 0.9.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Pham Van Tam in WordPress Plugin Songkick Concerts and Festivals versions = 0.9.7...

Ticketmaster Hackers Leak 30K Ticket Barcodes, Share Counterfeit Tutorial

Ticketmaster hackers leak 30,000 ticket barcodes for top upcoming events, including music concerts. They also share a DIY…...

Desperate Taylor Swift fans defrauded by ticket scams

Ticket scams are very common and apparently hard to stop. When there are not nearly enough tickets for some concerts to accommodate all the fans that desperately want to be there, it makes for ideal hunting grounds for scammers. With a ticket scam, you pay for a ticket and you either don’t receiv...

concerts-cantabile.com Cross Site Scripting vulnerability OBB-3854875

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

imcconcerts.com Cross Site Scripting vulnerability OBB-3852407

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

parisconcerts-tickets.com Cross Site Scripting vulnerability OBB-2387932

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

concerts-metal.com XSS vulnerability

Open Bug Bounty ID: OBB-207106 Description| Value ---|--- Affected Website:| concerts-metal.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

concerts-metal.com XSS vulnerability

Open Bug Bounty ID: OBB-203817 Description| Value ---|--- Affected Website:| concerts-metal.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Apple Patents Technology to remotely disable your iPhone Camera at Concerts

Here's something you'll not like at all: Apple has been awarded a patent for technology that would prevent you from snapping pictures and shooting videos with your iPhone or iPad at places or events, like concerts or museums, where it might be prohibited or inappropriate. The patent, granted on...

Bandsintown Concerts - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Bandsintown Concerts published at the 'play' market has multiple vulnerabilities...

CVE-2014-5949

The CVE-2014-5949 entry concerns the Android app “The TICKET APP - Concerts & Sports” (com.xcr.android.ticketapp) version 3.0.1. It does not verify X.509 certificates from SSL servers, allowing man‑in‑the‑middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Hackers Indicted in $25 Million Ticket Scheme

A ring of ticket brokers has been indicted in connection to an elaborate hacking scheme that used bots and other fraudulent means to purchase more than 1 million tickets for concerts, sporting events and other events. The defendants made more than $25 million in profits from the resale of the...