571 matches found
gemini-coatings.com XSS vulnerability
Open Bug Bounty ID: OBB-411659 Description| Value ---|--- Affected Website:| gemini-coatings.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Che...
bielskobiala.geminipark.pl XSS vulnerability
Vulnerable URL: http://bielskobiala.geminipark.pl/1/%22%3E%3Csvg/onload=%22alert'OPENBUGBOUNTY'%22%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...
Yahoo Gemini Cross Site Request Forgery
Document Title: =============== Yahoo Bug Bounty 32 - CSRF bulkImport Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1552 Release Date: ============= 2015-09-03 Vulnerability Laboratory ID VL-ID: ==================================== 15...
Researchers Outline Bugs in Yahoo, PayPal, Magento
Researchers recently discovered a smattering of vulnerabilities in web applications and mobile applications belonging to companies like Yahoo, PayPal, Magento, and Shopify that could have led to account theft, session hijacking, and phishing, among other consequences. Hadji Samir, Ebrahim Hegazy,...
Yahoo Bug Bounty #32 - CSRF bulkImport Web Vulnerability
Document Title: =============== Yahoo Bug Bounty 32 - CSRF bulkImport Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1552 Release Date: ============= 2015-09-03 Vulnerability Laboratory ID VL-ID: ==================================== 15...
DreamBox DM500s Cross Site Scripting
DreamBox DM500s Reflected XSS Vendor: Dream Multimedia GmbH Product web page: http://www.dream-multimedia-tv.de Summary: The Dreambox DM500s is a Linux-powered DVB satellite, terrestrial and cable digital television receivers set-top box. Tested on: Linux Kernel 2.6.9, The Gemini Project, Enigma...
The Gemini Portal <= 4.7 Insecure Cookie Handling Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal = 4.7 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: The Gemini Portal Version: = 4.7 File affected: admin/...
DreamBox DM500(+) - Arbitrary File Download
DreamBox DM500+ Arbitrary File Download Vulnerability Vendor: Dream Multimedia GmbH Product web page: http://www.dream-multimedia-tv.de Affected version: DM500, DM500+, DM500HD and DM500S Summary: The Dreambox is a series of Linux-powered DVB satellite, terrestrial and cable digital television...
DreamBox DM500+ File Download
DreamBox DM500+ Arbitrary File Download Vulnerability Vendor: Dream Multimedia GmbH Product web page: http://www.dream-multimedia-tv.de Affected version: DM500, DM500+, DM500HD and DM500S Summary: The Dreambox is a series of Linux-powered DVB satellite, terrestrial and cable digital television...
CVE-2008-7024
admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."...
CVE-2008-7024
admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."...
CVE-2008-7024
CVE-2008-7024 affects Arz Development The Gemini Portal 4.7 and earlier. The vulnerability allows remote attackers to bypass authentication and obtain administrator privileges by manipulating the user cookie to the value "admin" and setting the name parameter to "users" in admin.php. The root cau...
CVE-2008-4720
Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to 1 page/forums/bottom.php and 2 page/forums/category.php...
CVE-2008-4720
Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to 1 page/forums/bottom.php and 2 page/forums/category.php...
CVE-2008-4720
The CVE-2008-4720 entry concerns The Gemini Portal 4.7, where the vulnerability is a PHP remote file inclusion. The affected functionality is exposed via the lang parameter to two pages (page/forums/bottom.php and page/forums/category.php), enabling remote code execution on the server. The core i...
The Gemini Portal <= 4.7 / Insecure Cookie Handling Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal = 4.7 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: The Gemini Portal Version: = 4.7 File affected: admin/ Download:...
gemini-rfi.txt
The Gemini Portal Multiple Remote File inj. version: 4.7 ---------------------------------------------------------- Discovered By: ZoRLu Date: 26.09.2008 Home: www.z0rlu.blogspot.com contact: [email protected] contact: [email protected] N0T: TUM iSLAM ALEMiNiN BAYRAMINI KUTLARIM...! N0T: YALNIZLIK,...
The Gemini Portal <= 4.7 Insecure Cookie Handling Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal = 4.7 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: The Gemini Portal Version: = 4.7 File affected: admin/...
The Gemini Portal (lang) Remote File Inclusion Vulnerabilities
No description provided by source. The Gemini Portal Multiple Remote File inj. version: 4.7 ---------------------------------------------------------- Discovered By: ZoRLu Date: 26.09.2008 Home: www.z0rlu.blogspot.com contact: [email protected] contact: [email protected] N0T: TUM iSLAM ALEMiNiN...
gemini-cookie.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal eNYe-Sec - www.enye-sec.org Program description by the author website Bug Exploit Note: POST is not checked and you can enter all by GET. Also you can create a simple perl script to send GET and POST packages. Fir...