21 matches found
EUVD-2007-4482
Malware in sbrugna...
CVE-2021-39342 Credova_Financial <= 1.4.8 Sensitive Information Disclosure
The CredovaFinancial WordPress plugin discloses a site's associated Credova API account username and password in plaintext via an AJAX action whenever a site user goes to checkout on a page that has the Credova Financing option enabled. This affects versions up to, and including, 1.4.8...
Google makes app to lock devices if users default on payment
By Sudais Asif Google ash released an app that aims at locking the devices of users who default on their smartphone financing payments. This is a post from HackRead.com Read the original post: Google makes app to lock devices if users default on payment...
UK launches cyberstrategy with long-term relevance
Like most major global economies, the United Kingdom continues to place cybersecurity issues front and center. The National Cyber Security Strategy: 2016-2021 document—published by the UK Government and released nearly two years ago—describes the plan to make the UK secure and resilient in...
Here Comes Wallarm
Today we are happy to announce the closing of $8 Million Series A financing. After talking with many venture firms in California, we decided to partner up with Toba Capital, a firm with an excellent understanding of the enterprise market and previous successful investments in security, such as...
zeiglernissangurnee.financing.dealer.com XSS vulnerability
Open Bug Bounty ID: OBB-632400 Description| Value ---|--- Affected Website:| zeiglernissangurnee.financing.dealer.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...
westdaleucs.financing.dealer.com XSS vulnerability
Open Bug Bounty ID: OBB-632386 Description| Value ---|--- Affected Website:| westdaleucs.financing.dealer.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6....
villagefordfd.financing.dealer.com XSS vulnerability
Open Bug Bounty ID: OBB-632354 Description| Value ---|--- Affected Website:| villagefordfd.financing.dealer.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
victorychevroletbuick.financing.dealer.com XSS vulnerability
Open Bug Bounty ID: OBB-632351 Description| Value ---|--- Affected Website:| victorychevroletbuick.financing.dealer.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...
rudolphhonda.financing.dealer.com XSS vulnerability
Open Bug Bounty ID: OBB-632277 Description| Value ---|--- Affected Website:| rudolphhonda.financing.dealer.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6...
premiersubaru.financing.dealer.com XSS vulnerability
Open Bug Bounty ID: OBB-632239 Description| Value ---|--- Affected Website:| premiersubaru.financing.dealer.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
Automotive service O2O was raging, the product safety who to pay attention-vulnerability warning-the black bar safety net
Off to 2 0 1 5 years 4 months, our country motor vehicle retains the quantity has reached 2. 6 4 million vehicles, in the face of nearly a trillion level of automotive after-market, all kinds of automotive service O2O platform competing to rise, 2 0 1 4 years O2O automotive after-market field...
Four Hacking Suspects Tied to Terrorist Group Arrested
Authorities in the Philippines teamed up with the FBI to arrest four reputed hackers they believe were working for a terrorist organization. The four suspects were arrested in the Philippines Nov. 23. Law enforcement officials believe the suspects were employed by the terrorist group Jemaah...
В Швеции появится первый в мире пиратский провайдер
Пиратская партия Швеции станет первым в мире "пиратским" интернет-провайдером, пишет TorentFreak. Партнером Пиратской партии по организации доступа пользователей в Сеть станет провайдер ViaEuropa. Предполагается, что новая компания PirateISP, во главе которой находится член Пиратской партии Густа...
Email Image Upload Shell Upload
============================================= =================================== ============================================= ====== Email image upload Remote file Upload Vulnerability ============================================= ===================================...
Unrestricted file upload
Unrestricted file upload vulnerability in output.php in American Financing eMail Image Upload 4.1 allows remote attackers to upload and execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-4499
Unrestricted file upload vulnerability in output.php in American Financing eMail Image Upload 4.1 allows remote attackers to upload and execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-4499
CVE-2007-4499 affects American Financing eMail Image Upload 4.1; vulnerable component is output.php, with an unrestricted file upload allowing remote code execution via unspecified vectors. The provided sources give this vulnerability detail but no remediation or exploit specifics.
CVE-2007-4499
Unrestricted file upload vulnerability in output.php in American Financing eMail Image Upload 4.1 allows remote attackers to upload and execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Link Request Contact Form任意文件上传漏洞
Link Request Contact Form允许用户请求向其他站点添加自己站点的链接横幅。 Link Request Contact Form在处理文件上传时存在漏洞,远程攻击者可能利用此漏洞上传恶意脚本执行代码。 Link Request Contact Form的output.php脚本没有验证所上传文件的扩展名,因此攻击者可以上传有.php扩展名的文件然后在服务器上执行任意PHP代码。成功攻击要求在HTTP头中传送允许的MIME媒体类型。 American Financing Link Request Contact Form 3.4 American Financing...