67 matches found
@alivault/pico (>=0.1.0 <=0.1.2), @ardeora/start-devtools (>=1.0.0 <=1.0.1) +92 more potentially affected by unknown CVE via @tanstack/react-start-server (>=1.121.0-alpha.28 <=1.166.52)
@tanstack/react-start-server. NPM version: =1.121.0-alpha.28, =0.1.0, =1.0.0, =0.0.1, =0.5.2, =0.1.1, =0.0.4, =1.0.0, =0.2.0, =0.2.0, =0.1.1, =0.2.0, =0.2.0, =0.1.14, =0.1.0, =0.1.38 and more. Source CVEs: unknown CVE. Source advisory: OSV:MAL-2026-3471...
EUVD-2008-3722
Malware in sbrugna...
EUVD-2008-3723
Malware in sbrugna...
EUVD-2010-0663
Malware in sbrugna...
retinaconsultantsofamerica.com Cross Site Scripting vulnerability OBB-3839207
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-49281
CVE-2023-49281 affects the Calendarinho open-source calendaring application, with an Open Redirect in the login path caused by insufficient validation. Versions prior to commit 15b2393 are vulnerable, enabling phishing risks through redirection to external URLs. The issue has been patched in comm...
carpetconsultants.com Improper Access Control vulnerability OBB-3795136
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Webinar: How vCISOs Can Navigating the Complex World of AI and LLM Security
In today's rapidly evolving technological landscape, the integration of Artificial Intelligence (AI) and Large Language Models (LLMs) has become ubiquitous across various industries. This wave of innovation promises improved efficiency and performance, but lurking beneath the surface are complex...
grammasconsultants.com Cross Site Scripting vulnerability OBB-2741435
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
omegaconsultantsgroup.com Cross Site Scripting vulnerability OBB-2672209
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
integritypainconsultants.com Cross Site Scripting vulnerability OBB-2510379
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
How to Tell a Job Offer from an ID Theft Trap
One of the oldest scams around -- the fake job interview that seeks only to harvest your personal and financial data -- is on the rise, the FBI warns. Here's the story of a recent LinkedIn impersonation scam that led to more than 100 people getting duped, and one almost-victim who decided the job...
CVE-2021-21260
Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enable an attacker to take over the admin account through a payload that extracts a csrf...
CVE-2021-21260
The CVE-2021-21260 entry describes a stored XSS in Online Invoicing System (OIS) v4.0, caused by unsanitized input reflected in app/items_view.php (Item description). This enables an attacker to potentially take over an admin account by injecting a payload that extracts a CSRF token and issues a p...
dsmconsultants.co.uk Cross Site Scripting vulnerability OBB-1382083
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
environmentalconsultantsmanchester.co.uk Open Redirect vulnerability
Open Bug Bounty ID: OBB-1175272. Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
Digging Up the Past: Windows Registry Forensics Revisited
By David Via · Jan 08, 2019. FireEye consultants frequently utilize Windows registry data when performing forensic analysis of computer networks as part of incident response and compromise assessment missions. Th...
saffron-consultants.com XSS vulnerability
Open Bug Bounty ID: OBB-712027

Description | Value
---|---
Affected Website: | saffron-consultants.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | hidden until disclosure
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | ...
saffron-consultants.com XSS vulnerability
Open Bug Bounty ID: OBB-711383

Description | Value
---|---
Affected Website: | saffron-consultants.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | hidden until disclosure
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | ...