Lucene search
15 matches found

Packet Storm News
added 2025/10/14 12:0 a.m., 5 views

Hash Chaining Degrades Security at Facebook

Modern web and digital application password storage relies on password hashing for storage and security. Ad-hoc upgrade of password storage to keep up with hash algorithm norms may be used to save costs but can introduce unforeseen vulnerabilities. This is the case in the password storage scheme...

AI score: 6.9
Exploits: 0

Openbugbounty
added 2024/07/18 8:33 a.m., 6 views

integrity-ethics.com Cross Site Scripting vulnerability OBB-3947408

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score: 6.2
Exploits: 0

Openbugbounty
added 2023/10/17 8:3 p.m., 19 views

aet.astanait.edu.kz Open Redirect vulnerability OBB-3752749

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score: 6.6
Exploits: 0

Openbugbounty
added 2023/10/09 4:6 p.m., 16 views

ec2-3-6-251-175.ap-south-1.compute.amazonaws.com Cross Site Scripting vulnerability OBB-3736714

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score: 6.1
Exploits: 0

Openbugbounty
added 2023/09/25 3:55 p.m., 13 views

ucaspceonline.org Cross Site Scripting vulnerability OBB-3711107

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score: 6.1
Exploits: 0

Openbugbounty
added 2023/09/25 11:32 a.m., 18 views

ccbica.aacrom.com Cross Site Scripting vulnerability OBB-3710983

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score: 6.1
Exploits: 0

Openbugbounty
added 2020/07/08 6:25 a.m., 10 views

ethon8.com.br Cross Site Scripting vulnerability OBB-1218559

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

AI score: 6.2
Exploits: 0

Pen Test Partners Blog
added 2018/06/15 3:1 p.m., 50 views

Totally Pwning the Tapplock (the API way)

An awesome researcher contacted us on the back of our recent Tapplock pwnage. We had been looking at the local BLE unlock mechanism, however he focussed instead on the mobile app API. Vangelis Stykas @evstykas has found a way to unlock any lock, plus scrape users' PII and home addresses. Read his...

AI score: 6.3
Exploits: 0

Openbugbounty
added 2017/12/12 12:46 p.m., 7 views

50mb.ethernet.biz XSS vulnerability

Open Bug Bounty ID: OBB-452463
Affected Website: 50mb.ethernet.biz
Vulnerable Application: Custom Code
Vulnerability Type: XSS Cross Site Scripting / CWE-79
CVSSv3 Score: 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide: OWASP XSS Prevention Cheat...

AI score: 6.4
Exploits: 0

Openbugbounty
added 2017/10/05 9:59 a.m., 16 views

rnpnet.ethz.ch XSS vulnerability

Open Bug Bounty ID: OBB-323015
Affected Website: rnpnet.ethz.ch
Open Bug Bounty Program: Create your bounty program now. It's open and free.
Vulnerable Application: Custom Code
Vulnerability Type: XSS Cross Site Scripting / CWE-79
CVSSv3 Score: 6.1...

AI score: 6.3
Exploits: 0

exploitpack
added 2014/09/09 12:0 a.m., 23 views

ALCASAR 2.8 - Remote Code Execution

ALCASAR 2.8 - Remote Code Execution. ALCASAR = 2.8 Remote Root Code Execution Vulnerability. Author: eF. Date: 2014-02-10 ...

AI score: 0.4
Exploits: 0

exploitpack
added 2014/09/09 12:0 a.m., 26 views

ALCASAR-Remote

By sending a specially crafted value in the "host" HTTP header, it is possible to inject the exec function in order to execute commands as the Apache user. ALCASAR = 2.8 Remote Root Code Execution Vulnerability. Author: eF. Date: 2014-02-10 ...

AI score: 0.5
Exploits: 0

seebug.org
added 2014/02/08 12:0 a.m., 15 views

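destoon: unlimited increase of account funds

Brief description: destoon allows account funds to be increased without limit. Details: find a group-buy product (if there is none, you can publish one yourself), purchase it while capturing the request, and change the quantity to a negative number. Proof of vulnerability: this hole has been out for some days, but I did not see it on WooYun, so I am posting it for everyone to look at. Some site owners still need to pay attention. Finally, thanks to WooYun's vulnerability reward program for the 2000 yuan reward. I hope you keep getting better!...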

AI score: 7.1
Exploits: 0

0day.today
added 2011/12/26 12:0 a.m., 21 views

Free Image Hosting Script [ALL VERSIONS] Remote File Upload

Exploit for php platform in category web applications. Free Image Hosting Script Remote File Upload Vulnerability...

AI score: 7.1
Exploits: 0

securityvulns
added 2005/05/17 12:0 a.m., 30 views

Windows (XP, 2k3, Longhorn) is vulnerable to IpV6 Land attack.

Hi! The land attack described in - http://www.securityfocus.com/archive/1/392354 - is fixed for ipv4 by last security updates, but not for ipv6 protocol. As in IpV4 version of the attack, the built-in firewall has to be turned off to experience the result 1-5 seconds of DoS condition. Tools used:...

Exploits: 0