413 matches found
arx.co.kr XSS vulnerability
Open Bug Bounty ID: OBB-563268

| Description | Value |
|---|---|
| Affected Website: | arx.co.kr |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

bop.gov XSS vulnerability
Open Bug Bounty ID: OBB-559791

| Description | Value |
|---|---|
| Affected Website: | bop.gov |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

neoartists.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-559051

| Description | Value |
|---|---|
| Affected Website: | neoartists.co.uk |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Disclosure Standard: | Coordinated Disclosure... |

the-outpost.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-553529

| Description | Value |
|---|---|
| Affected Website: | the-outpost.co.uk |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

DEBIAN-CVE-2018-6188
django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed method, as demonstrated by discovering whether a user account is inactive...
ALPINE-CVE-2018-6188
django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed method, as demonstrated by discovering whether a user account is inactive...
PYSEC-2018-4
django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed method, as demonstrated by discovering whether a user account is inactive...
sieberz.sk XSS vulnerability
Open Bug Bounty ID: OBB-539425

| Description | Value |
|---|---|
| Affected Website: | sieberz.sk |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

amazone.de XSS vulnerability
Open Bug Bounty ID: OBB-516035

| Description | Value |
|---|---|
| Affected Website: | amazone.de |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Disclosure Standard: | Coordinated Disclosure based on... |

daddyprinters.com XSS vulnerability
Open Bug Bounty ID: OBB-506565

| Description | Value |
|---|---|
| Affected Website: | daddyprinters.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

scottmotorcompany.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-455703

| Description | Value |
|---|---|
| Affected Website: | scottmotorcompany.co.uk |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Remediation Guide: | OWASP XSS Prevention... |

vivahakala.com XSS vulnerability
Open Bug Bounty ID: OBB-453057

| Description | Value |
|---|---|
| Affected Website: | vivahakala.com |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Remediation Guide: | OWASP XSS Prevention Cheat... |

api.win4000.com XSS vulnerability
Open Bug Bounty ID: OBB-449623

| Description | Value |
|---|---|
| Affected Website: | api.win4000.com |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Remediation Guide: | OWASP XSS Prevention Cheat... |

webapps.fitzmuseum.cam.ac.uk XSS vulnerability
Vulnerable URL: http://webapps.fitzmuseum.cam.ac.uk/explorer/index.php/"'--!confirm/OPENBUGBOUNTY/...
automechanikadubai.com XSS vulnerability
Open Bug Bounty ID: OBB-447148

| Description | Value |
|---|---|
| Affected Website: | automechanikadubai.com |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Remediation Guide: | OWASP XSS Prevention... |

de.freedom.tm XSS vulnerability
Vulnerable URL: http://de.freedom.tm/login?rdr="'--!confirm/OPENBUGBOUNTY/...
riftgoldshop.com XSS vulnerability
Vulnerable URL: http://www.riftgoldshop.com/selectserver-usd.asp?ServerName="'--!confirm/OPENBUGBOUNTY/...
nao.gov.bh XSS vulnerability
Open Bug Bounty ID: OBB-359559

| Description | Value |
|---|---|
| Affected Website: | nao.gov.bh |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

NexusPHP Cross-Site Scripting Vulnerability (CNVD-2017-30100)
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A cross-site scripting vulnerability exists in NexusPHP. A remote attacker can exploit this vulnerability by sending PATH_INFO to the cheaters.php or confirm_resend.php file to inject arbitrary we...
CVE-2017-12906
Multiple cross-site scripting (XSS) vulnerabilities in NexusPHP allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) cheaters.php or (2) confirm_resend.php...