
5125 matches found

Openbugbounty
added 2018/05/24 2:11 p.m. | 11 views

patos.pb.gov.br IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-621302

Description | Value
---|---
Affected Website: | patos.pb.gov.br
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | Iframe Injection / CWE-79
CVSSv3 Score: | 6.1...

AI score: 0.1
Exploits: 0
Openbugbounty
added 2018/05/24 1:3 a.m. | 11 views

mesowest.utah.edu IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-621099

Description | Value
---|---
Affected Website: | mesowest.utah.edu
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | Iframe Injection / CWE-79
CVSSv3 Score: | 6.1...

AI score: 0.1
Exploits: 0
Openbugbounty
added 2018/05/24 12:54 a.m. | 8 views

findu.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-621097

Description | Value
---|---
Affected Website: | findu.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | Iframe Injection / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0
Openbugbounty
added 2018/05/20 6:30 a.m. | 11 views

wnps.org IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-618808

Description | Value
---|---
Affected Website: | wnps.org
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | Iframe Injection / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0
OSV
added 2018/05/17 7:29 p.m. | 15 views

CVE-2018-11101

Open Whisper Signal aka Signal-Desktop through 1.10.1 allows XSS via a resource location specified in an attribute of a SCRIPT, IFRAME, or IMG element, leading to JavaScript execution after a reply, a different vulnerability than CVE-2018-10994. The attacker needs to send HTML code directly as a...

CVSS: 6.1 | AI score: 6.2
Exploits: 0 | References: 1
CVE
added 2018/05/17 7:0 p.m. | 54 views

CVE-2018-11101

CVE-2018-11101 affects Signal Desktop (Open Whisper Signal) up to version 1.10.1. The vulnerability arises from incorrect handling of HTML when rendering quoted-reply messages, allowing XSS via HTML injected in a message that is later quoted/replied to. The root cause involved React dangerouslySe...

CVSS: 6.1 | AI score: 6 | EPSS: 0.01458
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2018/05/17 3:0 a.m. | 49 views

CVE-2018-0326

Cisco TelePresence Server Software web UI is affected by CVE-2018-0326 due to insufficient protections for HTML iframe embeds, enabling an unauthenticated attacker to perform a cross-frame scripting attack via a user-navigated, attacker-controlled page containing a malicious iframe. The resul...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.01796
Exploits: 0 | References: 3 | Affected Software: 1
Packet Storm
added 2018/05/16 12:0 a.m. | 56 views

Signal Desktop HTML Tag Injection Variant 2

Title: Signal-desktop HTML tag injection variant 2
Date Published: 2018-05-16
Last Update: 2018-05-16
CVE Name: CVE-2018-11101
Class: Code injection
Remotely Exploitable: Yes
Locally Exploitable: No
Vendors contacted: Signal.org
Vulnerability Description: Signal-desktop is the standalone desktop...

AI score: 0.4 | EPSS: 0.01458
Exploits: 3
Openbugbounty
added 2018/05/14 5:46 p.m. | 11 views

policelink.monster.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-616311

Description | Value
---|---
Affected Website: | policelink.monster.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | hidden until disclosure
Vulnerability Type: | Iframe Injection / CWE-79
CVSSv3 Score: | hidden...

AI score: 0.1
Exploits: 0
FireEye
added 2018/05/14 9:0 a.m. | 492 views

A Deep Dive Into RIG Exploit Kit Delivering Grobios Trojan

As discussed in previous blogs, exploit kit activity has been on the decline since the latter half of 2016. However, we do still periodically observe significant developments in this space, and we have been observing interesting ongoing activity involving RIG Exploit Kit (EK). Although the volume o...

Exploits: 0
OSV
added 2018/05/11 9:29 p.m. | 2 views

CVE-2018-5304

An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2. The affected web interface is vulnerable to ClickJacking or UI Redressing: it is possible to access the web application in an iframe, and clicking on the iframe will redirect to a third-party application or...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.0079
Exploits: 1 | References: 1
NVD
added 2018/05/11 9:29 p.m. | 8 views

CVE-2018-5304

An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2. The affected web interface is vulnerable to ClickJacking or UI Redressing: it is possible to access the web application in an iframe, and clicking on the iframe will redirect to a third-party application or...

CVSS: 4.3 | AI score: 4.6 | EPSS: 0.0079
Exploits: 1 | References: 1
Cvelist
added 2018/05/11 9:0 p.m. | 14 views

CVE-2018-5304

An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2. The affected web interface is vulnerable to ClickJacking or UI Redressing: it is possible to access the web application in an iframe, and clicking on the iframe will redirect to a third-party application or...

AI score: 4.6 | EPSS: 0.0079
Exploits: 1 | References: 1
Openbugbounty
added 2018/05/03 10:47 a.m. | 7 views

pressloft.se XSS vulnerability

Open Bug Bounty ID: OBB-611669

Description | Value
---|---
Affected Website: | pressloft.se
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0
The Hacker News
added 2018/04/21 1:59 p.m. | 1 views

Flaw in LinkedIn AutoFill Plugin Lets Third-Party Sites Steal Your Data

Not just Facebook: a new vulnerability discovered in LinkedIn's popular AutoFill functionality was found leaking its users' sensitive information to third-party websites without the user even knowing about it. LinkedIn has long provided an AutoFill plugin that other websites can use to let...

AI score: 6.6
Exploits: 0
Openbugbounty
added 2018/04/19 7:58 a.m. | 12 views

spc.pt IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-604087

Description | Value
---|---
Affected Website: | spc.pt
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | Iframe Injection / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0
Openbugbounty
added 2018/04/17 10:51 a.m. | 8 views

klett.de XSS vulnerability

Open Bug Bounty ID: OBB-603221

Description | Value
---|---
Affected Website: | klett.de
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0
Openbugbounty
added 2018/04/14 10:5 p.m. | 11 views

idpe.ir IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-602123

Description | Value
---|---
Affected Website: | idpe.ir
Open Bug Bounty Program: | Not created yet
Vulnerable Application: | hidden until disclosure
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | hidden until disclosure
Disclosure Standard: | ...

AI score: 0.2
Exploits: 0
Openbugbounty
added 2018/04/14 8:26 p.m. | 8 views

videos.abt.com XSS vulnerability

Open Bug Bounty ID: OBB-602055

Description | Value
---|---
Affected Website: | videos.abt.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

AI score: 6.2
Exploits: 0
Openbugbounty
added 2018/03/31 12:42 p.m. | 8 views

hec-taiwan.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-594741

Description | Value
---|---
Affected Website: | hec-taiwan.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | Iframe Injection / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0