Lucene search
K

5125 matches found

OSV
OSV
added 2017/07/12 8:29 p.m.2 views

CVE-2017-11195

Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. The helpLaunchPage parameter is reflected in an IFRAME element, if the value contains two quotes. It properly sanitizes quotes and tags, so one cannot simply close the src with a quote and inject after that. However, an attacker can...

6.1CVSS5.8AI score0.00898EPSS
Exploits0References3
Prion
Prion
added 2017/07/12 8:29 p.m.14 views

Cross site scripting

Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. The helpLaunchPage parameter is reflected in an IFRAME element, if the value contains two quotes. It properly sanitizes quotes and tags, so one cannot simply close the src with a quote and inject after that. However, an attacker can...

4.3CVSS5.9AI score0.00898EPSS
Exploits0References3Affected Software1
Openbugbounty
Openbugbounty
added 2017/07/09 7:57 a.m.21 views

bullguard.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-262325 Description| Value ---|--- Affected Website:| bullguard.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/06 3:30 a.m.12 views

molex.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-260610 Description| Value ---|--- Affected Website:| molex.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/01 9:2 a.m.14 views

thepiratebay.org IFRAME Injection vulnerability

Vulnerable URL: https://thepiratebay.org/ads/middle/index.php?r=24=bar=Countrywise.S07E04.XviD-AFG=michal:"' XANY Details: Description| Value ---|--- Patched:| Yes, at 26.10.2017 Latest check for patch:| 26.10.2017 10:42 GMT Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/01 8:58 a.m.9 views

onlinewebfonts.com IFRAME Injection vulnerability

Vulnerable URL: https://www.onlinewebfonts.com/search?q=" XANY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 87551 VIP website status:| Yes Check onlinewebfonts.com S...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/29 5:46 p.m.9 views

download.pmi.it IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-254985 Description| Value ---|--- Affected Website:| download.pmi.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/29 5:31 p.m.23 views

inia.gob.es IFRAME Injection vulnerability

Vulnerable URL: http://www.inia.gob.es/IniaPortal/goUrlDinamica.action?url=https://www.openbugbounty.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 10.08.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 11557901 VIP...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/29 5:16 p.m.12 views

direitovivo.com.br IFRAME Injection vulnerability

Vulnerable URL: http://www.direitovivo.com.br/asp/redirect.asp?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.09.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculate...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/28 3:14 a.m.14 views

freesexyindians.com IFRAME Injection vulnerability

Vulnerable URL: https://www.freesexyindians.com/?s= XANY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 23403 VIP website status:| Yes Coordinated Disclosure Timeline:...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/20 4:30 a.m.10 views

kissanimes.net IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-250357 Description| Value ---|--- Affected Website:| kissanimes.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/20 4:29 a.m.11 views

localmoxie.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-250356 Description| Value ---|--- Affected Website:| localmoxie.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/19 1:59 p.m.8 views

usapa.org XSS vulnerability

Vulnerable URL: http://usapa.org/iframe/ptp/index.php?code=1/-///'/"//--...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/15 6:3 a.m.10 views

loveroms.com IFRAME Injection vulnerability

Vulnerable URL: https://www.loveroms.com/roms.php?q=""; XANY Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 11670 VIP website status:| Yes Coordinated Disclosure Timeline: Description| Value ---|---...

7.3AI score
Exploits0
Veracode
Veracode
added 2017/05/29 7:29 a.m.8 views

Cross-site Scripting (XSS)

ckeditor-dev is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary javascript via the src attribute in the iframe element. This can only occur when the Iframe plugin is used and advanced content filter is turned off in a browser...

6AI score
Exploits0
Veracode
Veracode
added 2017/05/29 7:5 a.m.10 views

Cross-site Scripting (XSS)

ckeditor-dev is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary javascript via the srcdoc attribute in the iframe element. This attack can only happen with the Iframe plugin and Advanced Content Filter turned off...

6.1AI score
Exploits0
Hacker One
Hacker One
added 2017/05/25 6:47 a.m.20 views

OLX: OLX is vulnerable to clickjaking

A Olx.com webpage was vulnerable to a Clickjacking attack that could have lead to account sensitive information disclosure. @spiyushsonikumar1671 was able to demonstrate this vulnerability by crafting a specially formatted webpage with iframe embedded. We would like to thanks for this report...

1.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/05/19 6:44 p.m.7 views

belediyehaberleri.com IFRAME Injection vulnerability

Vulnerable URL: http://www.belediyehaberleri.com/view.php?url=https://openbugbounty.org/ Details: Description| Value ---|--- Patched:| Yes, at 29.07.2017 Latest check for patch:| 29.07.2017 19:24 GMT Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 12067...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/05/08 1:32 p.m.12 views

dou.ua IFRAME Injection vulnerability

Vulnerable URL: https://dou.ua/users/maxim-yaremchuk/ Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 25283 VIP website status:| Yes Check dou.ua SSL connection:| Grade: A+ Coordinated Disclosure...

7.2AI score
Exploits0
OSV
OSV
added 2017/04/24 11:59 p.m.3 views

CVE-2017-5045

XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page...

6.1CVSS7.3AI score
Exploits0References6
Rows per page
Query Builder