33 matches found
ccdd-poc
ccdd-poc — ¿Dónde está el límite de un solucionador de issues...
EUVD-2019-9529
Malware in sbrugna...
CVE-2019-19940
Incorrect input sanitation in text-oriented user interfaces telnet, ssh in Swisscom Centro Grande before 6.16.12 allows remote authenticated users to execute arbitrary commands via command injection...
CVE-2019-19941
Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS...
grande-punto.de Improper Access Control vulnerability OBB-3778577
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Film companies lose battle to unmask Reddit users
An interesting case marking the limits of what data big business can expect to dig up has concluded its day or to be more accurate, many days in court. Ars Technica reports that film companies have lost their battle to make social site Reddit identify anonymous users discussing piracy. No fewer...
servicos.morrogrande.sc.gov.br Cross Site Scripting vulnerability OBB-3270114
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
grande-pyramide.fr Cross Site Scripting vulnerability OBB-2855828
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
grande-digue.com Cross Site Scripting vulnerability OBB-2760758
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Swisscom Centro Grande Cross-Site Scripting Vulnerability
The Swisscom Centro Grande is a router from Swisscom, Switzerland. A cross-site scripting vulnerability exists in Swisscom Centro Grande versions prior to 6.16.12, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerabilit...
CVE-2019-19941
Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS...
CVE-2019-19940
Incorrect input sanitation in text-oriented user interfaces telnet, ssh in Swisscom Centro Grande before 6.16.12 allows remote authenticated users to execute arbitrary commands via command injection...
CVE-2019-19942
Missing output sanitation in Swisscom Centro Grande Centro Grande before 6.16.12, Centro Business 1.0 ADB before 7.10.18, and Centro Business 2.0 before 8.02.04 allows a remote attacker to perform DNS spoofing against the web interface via crafted hostnames in DHCP requests...
CVE-2019-19941
Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS...
CVE-2019-19940
Incorrect input sanitation in text-oriented user interfaces telnet, ssh in Swisscom Centro Grande before 6.16.12 allows remote authenticated users to execute arbitrary commands via command injection...
CVE-2019-19942
Missing output sanitation in Swisscom Centro Grande Centro Grande before 6.16.12, Centro Business 1.0 ADB before 7.10.18, and Centro Business 2.0 before 8.02.04 allows a remote attacker to perform DNS spoofing against the web interface via crafted hostnames in DHCP requests...
Design/Logic Flaw
Missing output sanitation in Swisscom Centro Grande Centro Grande before 6.16.12, Centro Business 1.0 ADB before 7.10.18, and Centro Business 2.0 before 8.02.04 allows a remote attacker to perform DNS spoofing against the web interface via crafted hostnames in DHCP requests...
Command injection
Incorrect input sanitation in text-oriented user interfaces telnet, ssh in Swisscom Centro Grande before 6.16.12 allows remote authenticated users to execute arbitrary commands via command injection...
Design/Logic Flaw
Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS...
CVE-2019-19942
Missing output sanitation in Swisscom Centro Grande Centro Grande before 6.16.12, Centro Business 1.0 ADB before 7.10.18, and Centro Business 2.0 before 8.02.04 allows a remote attacker to perform DNS spoofing against the web interface via crafted hostnames in DHCP requests...