11 matches found
Insecure Direct Object Reference (IDOR)
jweiland/events2 is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is due to missing access checks in the management plugin, which allows an attacker to activate or delete events without authentication...
GHSA-CCHP-3RQ6-69WJ events2 TYPO3 extension insecure direct object reference (IDOR) vulnerability
An issue was discovered in the events2 aka Events 2 extension before 8.3.8 and 9.x before 9.0.6 for TYPO3. Missing access checks in the management plugin lead to an insecure direct object reference IDOR vulnerability with the potential to activate or delete various events for unauthenticated user...
Security update for drbd-utils (low)
openSUSE Security Update: Security update for drbd-utils Announcement ID: openSUSE-SU-2021:3665-1 Rating: low References: 1029961 1185132 1189363 SLE-21057 Affected Products: openSUSE Leap 15.3 An update that contains security fixes and contains one feature can now be installed. Description: This...
josephmartines.org XSS vulnerability
Open Bug Bounty ID: OBB-705407 Description| Value ---|--- Affected Website:| josephmartines.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
starscharter.org XSS vulnerability
Open Bug Bounty ID: OBB-705362 Description| Value ---|--- Affected Website:| starscharter.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
somersetnlv.org XSS vulnerability
Open Bug Bounty ID: OBB-705209 Description| Value ---|--- Affected Website:| somersetnlv.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
steinmetzcp.org XSS vulnerability
Open Bug Bounty ID: OBB-705207 Description| Value ---|--- Affected Website:| steinmetzcp.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
somersetacademysh.com XSS vulnerability
Open Bug Bounty ID: OBB-705019 Description| Value ---|--- Affected Website:| somersetacademysh.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
blackbarn.com XSS vulnerability
Open Bug Bounty ID: OBB-620114 Description| Value ---|--- Affected Website:| blackbarn.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Sql injection
Multiple SQL injection vulnerabilities in Concepts & Solutions QuickUpCMS allow remote attackers to execute arbitrary SQL commands via the 1 nr parameter to a frontend/news.php, the 2 id parameter to b events3.php and c videos2.php in frontend/, the 3 y parameter to d frontend/events2.php, and th...
QuickUpCMS Multiple Remote SQL Injection Vulnerabilities Exploit
No description provided by source. ?php iniset"maxexecutiontime",0; printr' QuickUpCMS - SQL Injection Exploit Vulnerability discovered by: LidlosesAuge Exploit coded by: LidlosesAuge Greetz to: -=Player=- , Suicide, g4ms3, enco, GPM...