11 matches found
SAP Web Dispatcher HTTP Request Smuggling
Onapsis Security Advisory 2022-0001: HTTP Request Smuggling in SAP Web Dispatcher Impact on Business By injecting an HTTP request as a prefix into a victim's request, a malicious user is able to cause damage in different ways, such as producing a Denial of Service by setting an invalid request as...
vogue.in Cross Site Scripting vulnerability OBB-2100752
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| vogue.in ---|--- Open Bug Bounty...
Blind SSRF in widgetConnector - CVE-2021-26072
Affected versions of Atlassian Confluence Server allow remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery SSRF vulnerability in the widgetconnector plugin. When running in an environment like Amazon EC2, this flaw may be used to access...
icewarp1.educacional.net Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1077575 Security Researcher MertC Helped patch 9 vulnerabilities Received 0 Coordinated Disclosure badges , found a security vulnerability affecting icewarp1.educacional.net website and its users. Following coordinated and responsible vulnerability disclosure guidelines of...
NuCom NC-WR644GACV Unauthenticated Configuration File Download
Overview ======== Researchers of NVEL4 Cybersecurity company have discovered that it is possible to access to the config file bypassing admin authentication and authorization. The vulnerability has been reported to the vendor. The vendor has confirmed the vulnerability but not issued to security...
payrollfree.com XSS vulnerability
Open Bug Bounty ID: OBB-591441 Description| Value ---|--- Affected Website:| payrollfree.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
dragon15251.godo.co.kr XSS vulnerability
Open Bug Bounty ID: OBB-568546 Description| Value ---|--- Affected Website:| dragon15251.godo.co.kr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
schuetzen.scheffau.net XSS vulnerability
Open Bug Bounty ID: OBB-511918 Description| Value ---|--- Affected Website:| schuetzen.scheffau.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
abqtodo.com XSS vulnerability
Open Bug Bounty ID: OBB-454908 Description| Value ---|--- Affected Website:| abqtodo.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
abudhabi.dubaiposter.com XSS vulnerability
Open Bug Bounty ID: OBB-410543 Description| Value ---|--- Affected Website:| abudhabi.dubaiposter.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Preventio...
Epicor Retail Store Help System 3.2.03.01.008 Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Title: Code Injection in Epicor Retail Store Help System CVE: CVE-2015-2210 Vendor: Epicor Product: CRS Retail Store v3.2.03.01.008 Affected version: 3.2.03.01.008 Reported by: Zeng Xianbo Joseph [email protected] Issue identified by: Zeng...