17 matches found
EUVD-2020-17382
Malware in sbrugna...
Malicious code in test-mlw2-crest-licht-stems-pents (npm)
The package test-mlw2-crest-licht-stems-pents was found to contain malicious code...
MAL-2025-35151 Malicious code in test-mlw2-crest-licht-stems-pents (npm)
The package test-mlw2-crest-licht-stems-pents was found to contain malicious code...
Secure Ideas Achieves CREST Accreditation and CMMC Level 1 Compliance
Jacksonville, United States, 3rd April 2025, CyberNewsWire...
Crest Engine CMS 1.0 Cross Site Scripting
Crest Engine CMS version 1.0 suffers from a cross site scripting vulnerability. Exploit Title: Crest Engine CMS - Reflected Cross-Site Scripting XSS Exploit Author: wa-3, Telegram: @wa03 Vendor Homepage: http://e-gate.me/ Version: 1.0 Tested on: http://demo.e-gate.me/ Vulnerable path:/crest/engin...
3yrs of CAA ASSURE assessments. What we’ve learned
Introduction Were now in our third year of CREST CAA ASSURE auditing and weve learned a lot. The Cyber Assessment Framework CAF is big, theres no denying that. It’s not something that you can complete overnight, it’s not something that requires minimal effort and can just be thrown at an auditor ...
Tips for Choosing a Pentesting Company
In today's world of automated hacking systems, frequent data breaches and consumer protection regulations such as GDPR and PCI DSS, penetration testing is now an essential security requirement for organisations of all sizes. But what should you look for when choosing the right provider? The sheer...
crest-job.com Cross Site Scripting vulnerability OBB-2154651
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Trace Financial Crest Bridge Cross-Site Scripting Vulnerability
CRESTBridge is a resilient, feature-rich interface for Trace Financial.A cross-site scripting vulnerability exists in Trace Financial Crest Bridge, which can be exploited by attackers to execute client-side code...
CVE-2020-24668
Trace Financial Crest Bridge 6.3.0.02 contains a stored XSS vulnerability, which was fixed in 6.3.0.03...
CVE-2020-24668
Trace Financial Crest Bridge 6.3.0.02 contains a stored XSS vulnerability, which was fixed in 6.3.0.03...
CVE-2020-24668
Trace Financial Crest Bridge 6.3.0.02 contains a stored XSS vulnerability, which was fixed in 6.3.0.03...
CVE-2020-24668
CVE-2020-24668 : The Red Hat/Trace Financial Crest Bridge family reports a stored XSS vulnerability in Crest Bridge versions prior to 6.3.0.02, allowing injection of client-side script. The issue is mitigated by upgrading to 6.3.0.03, which resolves the flaw. Documentation across multiple sources...
Trace Financial Crest Bridge 跨站脚本漏洞
CRESTBridge is a resilient, feature-rich interface for Trace Financial.A cross-site scripting vulnerability exists in Trace Financial Crest Bridge, which can be exploited by attackers to execute client-side code...
ASSURE Aviation Cyber Security Testing
We've long been supporters and champions of a formalised approach to Aviation Cyber Security Testing. Our research and blogging has taken us on an interesting journey regarding airside and landside security, mapping attack surfaces and explaining how systems work and interact. Speaking and...
TP-Link TL-WR841N v13 Authentication Command Injection Vulnerability
The TP-Link TL-WR841N v13 is a wireless router device. An authentication command injection vulnerability exists in the TP-Link TL-WR841N v13 ping and traceroute functions. An authenticated attacker can execute arbitrary commands on the router by sending specific CREST HTTP requests to the router...
crestedbuttearts.org XSS vulnerability
Open Bug Bounty ID: OBB-613590 Description| Value ---|--- Affected Website:| crestedbuttearts.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...