5124 matches found
cdhfasthealth.com IFRAME Injection vulnerability
Vulnerable URL: http://www.cdhfasthealth.com/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...
riversidefasthealth.com IFRAME Injection vulnerability
Vulnerable URL: http://www.riversidefasthealth.com/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated V...
mountainviewfasthealth.com IFRAME Injection vulnerability
Vulnerable URL: http://www.mountainviewfasthealth.com/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculate...
alerteprix.net IFRAME Injection vulnerability
Vulnerable URL: http://www.alerteprix.net/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP websit...
dcmhfasthealth.com IFRAME Injection vulnerability
Vulnerable URL: http://www.dcmhfasthealth.com/goto.php?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 12469963 VIP website status:| N...
apnahyderabad.com IFRAME Injection vulnerability
Vulnerable URL: http://www.apnahyderabad.com/redirecto.asp?site=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 2032255 VIP website status...
Brave Software: Access to local file system using javascript
Hey, The browser can access the local files using iframes with a local html file. this is very normal and often used for local web development but javascript shouldn't be able to get the content of that iframe because this can be used to post the contents to the attackers server. something else I...
Cisco Patches Critical Bug In Video Conferencing Server Hardware
On Wednesday Cisco Systems patched a critical vulnerability found in its Cisco Meeting Server hardware, a key component in its enterprise audio, web and video conferencing service. The flaw, according to a Cisco Security Advisory, could allow an unauthenticated remote attacker to masquerade as a...
Cisco Unified Communications Manager iFrame Data Clickjacking Vulnerability
The Cisco Unified Communications Manager CUCM may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. Protection mechanisms should be used to prevent this type of attack. The vulnerability is due to a lack of proper...
Nextcloud: URI scheme bypass in mail app lead to HTML content spoof and opener control
Bug When we load a HTML mail from mailbox via api, etc http://nextcloud/index.php/apps/mail/accounts//folders/SU5CT1g=/messages//html Our content will be passed to HTML Purifier to strip malicious XSS patterns. After that, an filter will apply to transform acceptable URI schemes http, https, ftp,...
jewishmusic.fm IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-185370 Description| Value ---|--- Affected Website:| jewishmusic.fm Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
opydo.pl IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-185323 Description| Value ---|--- Affected Website:| opydo.pl Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation...
bdnews21.com IFRAME Injection vulnerability
Vulnerable URL: http://www.bdnews21.com/browse.php?link=www.openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at 11.01.2017 Latest check for patch:| 11.01.2017 13:28 GMT Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 199773 VIP websi...
eyrolles.com IFRAME Injection vulnerability
Vulnerable URL: http://www.eyrolles.com/Accueil/Recherche/?q=%22%3E%3Ciframe%20src=https://openbugbounty.org%3E Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 18:55 GMT Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly...
webring.org IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-183909 Description| Value ---|--- Affected Website:| webring.org Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediatio...
bbt.co.jp IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-183755 Description| Value ---|--- Affected Website:| bbt.co.jp Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
www1.tek.com IFRAME Injection vulnerability
Vulnerable URL: http://www1.tek.com/cgi-bin/frame.cgi?body=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...
ny.com IFRAME Injection vulnerability
Vulnerable URL: https://www.ny.com/cgibin/frame.cgi?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 321466 VIP website status:| No Che...
Mozilla Firefox Same-Origin Policy Bypass Vulnerability (CNVD-2016-08178)
Mozilla Firefox is an open source web browser. A vulnerability in Mozilla Firefox's handling of segment identifiers in the SRC attribute of the IFRAME element allows remote attackers to build malicious web pages that can be exploited to trick users into parsing them, which can be used to bypass t...
CVE-2016-5283
Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized...