869 matches found
louwman.nl XSS vulnerability
Open Bug Bounty ID: OBB-292420 Description| Value ---|--- Affected Website:| louwman.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Equifax Says Breach Affects 143 Million Americans
Equifax, one of the three largest consumer credit reporting agencies in the United States, disclosed Thursday afternoon it’s looking into a data breach that may have affected upwards of 143 million Americans. The company said in a statement on its site that cybercriminals managed to exploit an...
classicofny.com XSS vulnerability
Open Bug Bounty ID: OBB-280402 Description| Value ---|--- Affected Website:| classicofny.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
140.128.103.234 XSS vulnerability
Vulnerable URL: http://140.128.103.234/BSWebone.do?searchinput=4"'--!field=EXH Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...
Fedora 26 : php-horde-nag (2017-d1c86c61f2)
nag 4.2.15 - jan SECURITY: Fix open redirects. - mjr Fix handling of delayed start dates Bug 14634. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much a...
Fedora 25 : php-horde-nag (2017-34d34904f5)
nag 4.2.15 - jan SECURITY: Fix open redirects. - mjr Fix handling of delayed start dates Bug 14634. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much a...
CVE-2017-12477
creationtimestamp| type| source ---|---|--- 2017-08-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42957 2017-10-23 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43031 2018-05-29 15:50:33+00:00| seen|...
Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection
Sonicwall Secure Remote Access SRA - Command Injection Vulnerabilities Vendor: Sonicwall Dell Product: Secure Remote Access SRA Version: 8.1.0.2-14sv Platform: Embedded Linux Discovery: Russell Sanford of Critical Start www.CriticalStart.com CVE: cve-2016-9682 Tested against version 8.1.0.2-14sv ...
CVE-2017-1000366
creationtimestamp| type| source ---|---|--- 2017-06-19 17:25:22+00:00| published-proof-of-concept| https://t.me/SysadminNotes/179 2017-06-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42276 2017-06-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42275...
CVE-2017-7615
creationtimestamp| type| source ---|---|--- 2017-04-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41890 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/mantisbtpasswordreset.rb 2021-02-05 21:43:47+00:00|...
Analysis of the EQGRP leakage
As you know, yesterday TheShadowBrokers group released the EQGRP archive with some interesting data inside. As they mentioned, it’s an NSA leakage with a lot of “cyberweapon”. I analysed this data yesterday to find the answers to the following questions: 1. When did the leak occur? 2. Who were the targets...
literaturtipps.de XSS vulnerability
Vulnerable URL: http://www.literaturtipps.de/suchergebnisse/?txbookonlinepi1%5Bsword%5D=%3C%2Fscript%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E=9=12 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:|...
CVE-2016-6277
creationtimestamp| type| source ---|---|--- 2016-12-07 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40889 2017-03-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41598 2018-05-24 15:44:33+00:00| seen| MISP/5b06d57d-f2b8-4357-9038-45d39f590eb0 2018-05-29...
dpreview.com XSS vulnerability
Vulnerable URL: https://www.dpreview.com/members/8618821799/overview Details: Description| Value ---|--- Patched:| Yes, at 09.10.2016 Latest check for patch:| 09.10.2016 22:14 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1624 VIP website status:| Yes...
CVE-2016-6433
creationtimestamp| type| source ---|---|--- 2016-10-05 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40463 2017-01-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41041 2018-05-29 15:50:33+00:00| seen|...
CVE-2016-0189
creationtimestamp| type| source ---|---|--- 2016-10-02 16:51:25+00:00| seen| MISP/57f12c6a-5864-4abb-8207-5a60646d1a36 2017-08-23 20:52:05+00:00| published-proof-of-concept| https://t.me/SHATOOB/1973 2017-08-30 07:57:15+00:00| seen| MISP/59a66b5f-28b0-45c2-8bf6-06bcbce2ab96 2018-03-27...
CVE-2016-5284
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org...
Mozilla Patching Firefox Certificate Pinning Vulnerability
Mozilla is expected tomorrow to patch a critical vulnerability in Firefox’s automated update process for extensions that should put the wraps on a confusing set of twists surrounding this bug. The flaw also affected the Tor Browser and was patched Friday by the Tor Project. The vulnerability firs...
madisonsquarepark.org XSS vulnerability
Vulnerable URL: https://www.madisonsquarepark.org/?s=%27;alert0//%5C%27;alert1//%22;alert2//%5C%22;alert+3//--%3E%3C/SCRIPT%3E%22%3E%27+%3E%3CSCRIPT%3Ealert/XSSPOSED/%3C/SCRIPT%3E=&%7B%7D%22;%7Dalert6+;function+xss%7B// Details: Description| Value ---|--- Patched:| No Latest check for patch:|...