6 matches found
catalogue.curtin.edu.au XSS vulnerability
Open Bug Bounty ID: OBB-682748 Description| Value ---|--- Affected Website:| catalogue.curtin.edu.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
courses.curtin.edu.au XSS vulnerability
Open Bug Bounty ID: OBB-553270 Description| Value ---|--- Affected Website:| courses.curtin.edu.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
resenv.curtin.edu.au XSS vulnerability
Vulnerable URL: https://resenv.curtin.edu.au/local/video/mediaplayer.swf?file=http://content.bitsontherun.com/videos/bkaovAYt-364766.flv=falseℑ=http://appsec.ws/ExploitDB/cMon.jpg=true=javascript:confirm/openbugbounty/;//=blank&.swf Details: Description| Value ---|--- Patched:| No Latest check fo...
courses.curtin.edu.au XSS vulnerability
Vulnerable URL: http://courses.curtin.edu.au/courseoverview/all-courses-search.cfm?cFinderSearch===A=aaaaa%27%22+mytestattr%3Dxxx+bad%3D%22%3Edemoniuma%27aa%22%3E%3C%2Ftitle%3E%3C%2Fscript%3Ea%27aa%22%22%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E=1 Details: Description| Value ---|---...
WebCT 4.x Javascript Session Stealer
WebCT 4.x Javascript Session Stealer Exploits Software: WebCT Campus Edition 4.x http://secunia.com/product/3280/ Affected Version: 4.1.5.8 Discoverer: Benjamin "balupton" Lupton Date Discovered: November 2005 Date Reported: 25/06/2007 Software Author Contacted again on: 20/07/2007 Date Published...
WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection
WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection source: https://www.securityfocus.com/bid/28107/info WebCT is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content...