
6653 matches found

Openbugbounty
added 2016/09/06 6:58 a.m., 10 views

ultimate-guitar.com XSS vulnerability

Vulnerable URL: http://www.ultimate-guitar.com/search.php?approved1=1name=ugtname=mbtvccdk'%22alert'OPENBUGBOUNTY'...

AI score: 6.9
Exploits: 0

WPVulnDB
added 2016/09/06 12:0 a.m., 9 views

Advanced ads Management <= 1.3 - Authenticated Stored Cross-Site Scripting (XSS)

Any authenticated user, including authors, can embed JavaScript via the 'HTML Codes' functionality when creating a new ad. Embedding JavaScript should be restricted to users with the 'unfiltered_html' capability...

AI score: 3
Exploits: 0, References: 1, Affected Software: 1

Hacker One
added 2016/09/05 5:28 p.m., 25 views

Boozt Fashion AB: PHP info page disclosure on http://www.day.dk/

Hi, Boozt team.
Description: phpinfo is a debug functionality that prints out detailed information on both the system and the PHP configuration.
Step to reproduce:
1. Go to http://www.day.dk/check.php
An attacker can obtain information such as:
• Exact PHP version.
• Exact OS and its version...

AI score: 7
Exploits: 0

Packet Storm
added 2016/09/03 12:0 a.m., 243 views

BSNL Teracom Router Firmware Rewrite / Link Modification

Multiple Vulnerabilities in TERACOM ROUTER
Author: Ajay Gowtham aka AJOXR
Contact: gowtham.ajay5 at gmail.com
Vulnerability Type: Insecure Upload File Permissions
Affected Module: Upload Functionality
Criticality: Medium
Device Model: BSNL Teracom T2-B-Gawv1.4U10Y-BI is WiFi enabled ADSL2+...

CVSS: 9.3, AI score: 0.2, EPSS: 0.8453
Exploits: 5

Openbugbounty
added 2016/08/31 10:48 a.m., 7 views

forum.cosmogirl.com.tr XSS vulnerability

Vulnerable URL: http://forum.cosmogirl.com.tr/search.php?q="/alert/openbugbounty/...

AI score: 6.9
Exploits: 0

Openbugbounty
added 2016/08/26 8:17 p.m., 9 views

sthelensreporter.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-177875

Description | Value
---|---
Affected Website: | sthelensreporter.co.uk
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

AI score: 6.3
Exploits: 0

Openbugbounty
added 2016/08/25 5:34 p.m., 9 views

datezone.com XSS vulnerability

Vulnerable URL: http://www.datezone.com/index.php?action=szukaj=proste=Szukaj=2para=parapartner==0celu=szukamcelcyberod=34do=34=oxk3g...

AI score: 6.9
Exploits: 0

Openbugbounty
added 2016/08/19 12:52 p.m., 13 views

drink.ch XSS vulnerability

Vulnerable URL: http://www.drink.ch/de/catalogsearch/result/?q=%27...

AI score: 6.9
Exploits: 0

Citrix
added 2016/08/17 12:0 a.m., 6 views

FAQ: Rooted\Jailbroken Device Detection in XenMobile MAM Only Mode

Q: Can devices in XenMobile MAM only mode detect rooted\jailbroken devices?
A: The jailbreak flag which is present on the XenMobile server console which shows whether a device is jailbroken or not is only supported when the device is enrolled to MDM. The jailbreak flag is set by MDM and not by M...

AI score: 7.1
Exploits: 0

exploitpack
added 2016/08/16 12:0 a.m., 23 views

Nagios Incident Manager 2.0.0 - Multiple Vulnerabilities

Nagios Incident Manager Multiple Vulnerabilities
Affected versions: Nagios Incident Manager...

AI score: 0.4
Exploits: 0

RubySec
added 2016/08/11 12:0 a.m., 54 views

Unsafe Query Generation Risk in Active Record

There is a vulnerability when Active Record is used in conjunction with JSON parameter parsing. This vulnerability is similar to CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155.

Impact
------
Due to the way Active Record interprets parameters in combination with the way that JSON parameters are...

CVSS: 7.5, AI score: 2.1, EPSS: 0.18174
Exploits: 4, References: 1, Affected Software: 1

OSV
added 2016/08/09 8:59 p.m., 2 views

CVE-2016-4253

The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors...

CVSS: 5.3, AI score: 5.8
Exploits: 0, References: 3

Prion
added 2016/08/09 8:59 p.m., 14 views

Information disclosure

The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors...

CVSS: 5, AI score: 6.4, EPSS: 0.0268
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2016/08/09 8:0 p.m., 46 views

CVE-2016-4253

CVE-2016-4253 affects Adobe Experience Manager: backup functionality in versions 5.6.1, 6.0, 6.1, and 6.2 is reported to disclose sensitive information via unspecified vectors. Connected sources corroborate an information-disclosure issue in the Backup feature. The CNVD entry explicitly states th...

CVSS: 5.3, AI score: 5, EPSS: 0.0268
Exploits: 0, References: 3, Affected Software: 1

Exploit DB
added 2016/08/06 12:0 a.m., 25 views

NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion

NUUO Arbitrary File Deletion Vulnerability
Vendor: NUUO Inc.
Product web page: http://www.nuuo.com
Affected version:
Tested on: GNU/Linux 3.0.8 armv7l, GNU/Linux 2.6.31.8 armv5tel, lighttpd/1.4.28, PHP/5.5.3
Vulnerability discovered...

AI score: 7.4
Exploits: 0

exploitpack
added 2016/08/06 12:0 a.m., 27 views

NUUO NVRmini 2 3.0.8 - Remote Code Execution

NUUO Remote Root Exploit
Vendor: NUUO Inc.
Product web page: http://www.nuuo.com
Affected version: =3.0.8
Summary: NUUO NVRmini 2 is the lightweight, portable NVR solution with NAS functionality. Setup is simple and easy, with...

AI score: 8.1
Exploits: 0

exploitpack
added 2016/08/06 12:0 a.m., 17 views

NUUO NVRmini 2 3.0.8 - Cross-Site Request Forgery (Add Admin)

NUUO NVRmini 2 3.0.8 - Cross-Site Request Forgery Add Admin input type="hidden" name="password2" value=...

AI score: 0.4
Exploits: 0

NVD
added 2016/08/05 8:59 p.m., 11 views

CVE-2016-3838

Android 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of locked-screen 911 functionality) via a crafted application that uses the app-pinning feature, aka internal bug 28761672...

CVSS: 5.5, AI score: 5.2, EPSS: 0.00067
Exploits: 0, References: 3

UbuntuCve
added 2016/08/05 8:59 p.m., 17 views

CVE-2016-3838

Android 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of locked-screen 911 functionality) via a crafted application that uses the app-pinning feature, aka internal bug 28761672...

CVSS: 5.5, AI score: 6.5, EPSS: 0.00067
Exploits: 0, References: 3

Prion
added 2016/08/05 8:59 p.m., 14 views

Code injection

Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of Bluetooth 911 functionality) via a crafted application that sends a signal to a Bluetooth process, aka internal bug 28885210...

CVSS: 4.3, AI score: 6.8, EPSS: 0.00067
Exploits: 0, References: 3, Affected Software: 1