revisor.mn.gov IFRAME Injection vulnerability

Vulnerable URL: https://www.revisor.mn.gov/topics/?type=court=%22%3E%20%3Ciframe%20src=%22https://www.openbugbounty.org%22%3E%3C/iframe%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly...

sipert-sso.it.adp.com IFRAME Injection vulnerability

Vulnerable URL: https://www.sipert-sso.it.adp.com/js-coin/js2config/frame.jsp?https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 05.08.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / No...

dvmark.info IFRAME Injection vulnerability

Vulnerable URL: http://www.dvmark.info/multiampcommunity.php?url=https://openbugbounty.org/1.js Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated...

bvirtual.ucol.mx IFRAME Injection vulnerability

Vulnerable URL: http://bvirtual.ucol.mx/url.php?u=https3A2F2Fwww.openbugbounty.org2F20 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

VK.com: SSRF (open) - via GET request

Потенциальный DoS сервиса share через SSRF. Продемонстрирована возможность проведения атаки через приложения ВК. Сервис upload.php / parseshare игнорировал идентифицирующие ключи hash и rhash, а также не производил проверку Content- по целевому url. Большой таймаут серверного запроса позволял...

kid.dglib.cn IFRAME Injection vulnerability

Vulnerable URL: http://kid.dglib.cn/Activity/frame.asp?u=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

CVE-2016-5283

Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized...

cgi.netlaputa.ne.jp IFRAME Injection vulnerability

Vulnerable URL: http://cgi.netlaputa.ne.jp/bob/frame.cgi?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

CVE-2016-6440

The Cisco Unified Communications Manager CUCM may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. More Information: CSCuz64683 CSCuz64698. Known Affected Releases: 11.01.10000.10, 11.51.10000.6, 11.50.99838.4. Know...

CVE-2016-6440

CVE-2016-6440 affects Cisco Unified Communications Manager (CUCM). Root cause: lack of input sanitization for iframe data in HTTP requests, enabling an attacker to display data inside an iframe and trigger clickjacking (phishing) without user interaction. Affected releases include CUCM 11.0(1.100...

webs-design.dudamobile.com IFRAME Injection vulnerability

Vulnerable URL: http://webs-design.dudamobile.com/site/classic?url=https://www.openbugbounty.org" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculat...

apepet.hk IFRAME Injection vulnerability

Vulnerable URL: http://www.apepet.hk/url.php?lang=en=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 12:07 GMT Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 571479 VIP...

cdhfasthealth.com IFRAME Injection vulnerability

Vulnerable URL: http://www.cdhfasthealth.com/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

riversidefasthealth.com IFRAME Injection vulnerability

Vulnerable URL: http://www.riversidefasthealth.com/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated V...

dcmhfasthealth.com IFRAME Injection vulnerability

Vulnerable URL: http://www.dcmhfasthealth.com/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 12469963 VIP website status:| N...

mountainviewfasthealth.com IFRAME Injection vulnerability

Vulnerable URL: http://www.mountainviewfasthealth.com/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculate...

alerteprix.net IFRAME Injection vulnerability

Vulnerable URL: http://www.alerteprix.net/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP websit...

apnahyderabad.com IFRAME Injection vulnerability

Vulnerable URL: http://www.apnahyderabad.com/redirecto.asp?site=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 2032255 VIP website status...

Brave Software: Access to local file system using javascript

Hey, The browser can access the local files using iframes with a local html file. this is very normal and often used for local web development but javascript shouldn't be able to get the content of that iframe because this can be used to post the contents to the attackers server. something else I...

Cisco Patches Critical Bug In Video Conferencing Server Hardware

On Wednesday Cisco Systems patched a critical vulnerability found in its Cisco Meeting Server hardware, a key component in its enterprise audio, web and video conferencing service. The flaw, according to a Cisco Security Advisory, could allow an unauthenticated remote attacker to masquerade as a...