5118 matches found
unis.org XSS vulnerability
Open Bug Bounty ID: OBB-559244 Description| Value ---|--- Affected Website:| unis.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
brownell.edu XSS vulnerability
Open Bug Bounty ID: OBB-556189 Description| Value ---|--- Affected Website:| brownell.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
clickability.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-555784 Description| Value ---|--- Affected Website:| clickability.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
cduhessen.de IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-554407 Description| Value ---|--- Affected Website:| cduhessen.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| NDPolitik Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
The vulnerability in the implementation of the “data” protocol in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a perpetrator to influence the integrity of the protected information.
The vulnerability of the “data:” protocol implementation in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to errors in its operation on pages containing “iframe” elements. Exploiting this vulnerability can allow a malicious actor to influence the integrity of protected...
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to deficiencies in the implementation of SOP (Same-origin policy). These vulnerabilities allow attackers to gain unauthorized access to protected information.
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to deficiencies in the implementation of SOP Same-origin policy. Exploiting these vulnerabilities can allow an attacker, operating remotely, to gain unauthorized access to protected information using...
CVE-2018-6654
The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover authentication tokens via an 'action: "user"' request to iframe.gr-ifr, because the exposure of these tokens is not restricted to any specific web site...
CVE-2018-6654
The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover authentication tokens via an 'action: "user"' request to iframe.gr-ifr, because the exposure of these tokens is not restricted to any specific web site...
Node.js third-party modules: [crud-file-server] Stored XSS in filenames when directory index is served by crud-file-server
Hi Guys, crud-file-server allows to embed HTML in file names, which in certain conditions might lead to execute malicious JavaScript. Module crud-file-server This package exposes a directory and its children to create, read, update, and delete operations over http...
Node.js third-party modules: [glance] Stored XSS via file name allows to run arbitrary JavaScript when directory listing is displayed in browser
Hi Guys, There is a Stored XSS vulnerability in glance module. File name, which contains malicious HTML eg. embedded iframe element or javascript: pseudoprotocol handler in element allows to execute JavaScript code against any user who opens directory listing contains such crafted file name. Modu...
Node.js third-party modules: [anywhere] An iframe element with url to malicious HTML file (with eg. JavaScript malware) can be used as filename and served via anywhere
Hi Guys, anywhere allows to embed HTML in file names, which in certain conditions might lead to execute malicious JavaScript. Module: Running static file server anywhere. https://www.npmjs.com/package/anywhere Description To embed malicious tag with JavaScript code to execute, / character is...
psycline.org IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544482 Description| Value ---|--- Affected Website:| psycline.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
gflora.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544270 Description| Value ---|--- Affected Website:| gflora.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
greatlakescalibration.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544268 Description| Value ---|--- Affected Website:| greatlakescalibration.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
lowther-holidaypark.co.uk IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544258 Description| Value ---|--- Affected Website:| lowther-holidaypark.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
downfieldstudio.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544255 Description| Value ---|--- Affected Website:| downfieldstudio.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
la-colombiere.ch IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544253 Description| Value ---|--- Affected Website:| la-colombiere.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
elloracaves.org IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544250 Description| Value ---|--- Affected Website:| elloracaves.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
afoc.mil.ae IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544249 Description| Value ---|--- Affected Website:| afoc.mil.ae Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
friendsofdunhuang.org IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544234 Description| Value ---|--- Affected Website:| friendsofdunhuang.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...