5125 matches found
greatlakescalibration.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544268 Description| Value ---|--- Affected Website:| greatlakescalibration.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
lowther-holidaypark.co.uk IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544258 Description| Value ---|--- Affected Website:| lowther-holidaypark.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
downfieldstudio.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544255 Description| Value ---|--- Affected Website:| downfieldstudio.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
la-colombiere.ch IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544253 Description| Value ---|--- Affected Website:| la-colombiere.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
elloracaves.org IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544250 Description| Value ---|--- Affected Website:| elloracaves.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
afoc.mil.ae IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544249 Description| Value ---|--- Affected Website:| afoc.mil.ae Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
friendsofdunhuang.org IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544234 Description| Value ---|--- Affected Website:| friendsofdunhuang.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
carib.customs.gov.tt IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544197 Description| Value ---|--- Affected Website:| carib.customs.gov.tt Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
pkapp.pka.gov.my IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544194 Description| Value ---|--- Affected Website:| pkapp.pka.gov.my Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
army.mil.ph IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-544179 Description| Value ---|--- Affected Website:| army.mil.ph Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
headlines24.nl IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-533734 Description| Value ---|--- Affected Website:| headlines24.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
Transmission - RPC DNS Rebinding
The transmission bittorrent client uses a client/server architecture, the user interface is the client and a daemon runs in the background managing the downloading, seeding, etc. Clients interact with the daemon using JSON RPC requests to a web server listening on port 9091. By default, the daemo...
RIG exploit kit campaign gets deep into crypto craze
There isn't a day that goes by without a headline about yet another massive spike in Bitcoin valuation, or a story about someone mortgaging their house to purchase the hardware required to become a serious cryptocurrency miner. If many folks are thinking about joining the 'crypto craze' movement,...
Automattic: Remote Code Execution in Wordpress Desktop
An attacker can create a malicious page that when viewed or edited in Wordpress Desktop App will results in remote code execution. This issue looks to be around this line of code: https://github.com/Automattic/wp-desktop/blob/develop/desktop/window-handlers/external-links/index.jsL38 If...
trustarc.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-469480 Description| Value ---|--- Affected Website:| trustarc.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...
CVE-2017-17859
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML...
CVE-2017-17859
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML...
CVE-2017-17859
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML...
Design/Logic Flaw
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML...
bgyellow.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-457569 Description| Value ---|--- Affected Website:| bgyellow.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...