5124 matches found
5ye.ca IFRAME Injection vulnerability
Vulnerable URL: http://5ye.ca/go2.php?url=http://www.openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 10:56 GMT Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculate...
therevolution962.com IFRAME Injection vulnerability
Vulnerable URL: http://www.therevolution962.com/goout.php?to=http://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 3120509 VIP website status:| N...
CVE-2016-6209
A user supplied GET parameter is used to create the value used as the src value of an iframe displayed on all pages. It allows for CSRF and javascript insertion techniques among others. An attacker could forge a malicious URL that could include javascript execution in the main browser frame...
epressnews.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-166212 Description| Value ---|--- Affected Website:| epressnews.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
todaysart.nl IFRAME Injection vulnerability
Vulnerable URL: http://www.todaysart.nl/2006/linkout.php?l=https://www.openbugbounty.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 7856939 VIP website status:| N...
The vulnerability of Thunderbird software allows a malicious attacker to compromise the confidentiality and integrity of protected information.
The vulnerability exists in Mozilla Firefox and Thunderbird due to the incorrect implementation of the sandbox attribute for the IFRAME element. Exploiting this vulnerability allows malicious actors to circumvent content restrictions from a single same-origin source, by using a specially crafted...
The vulnerability of the Firefox browser allows a malicious attacker to compromise the confidentiality and integrity of protected information.
The vulnerability exists in Mozilla Firefox due to the incorrect implementation of the sandbox attribute for the IFRAME element. Exploiting this vulnerability allows malicious actors, operating remotely, to bypass content restrictions from a single same-origin source, by using a specially crafted...
The vulnerability of the Firefox browser, which allows a malicious actor to bypass domain restriction rules
The Mozilla Firefox browser contains a vulnerability related to errors in the implementation of class functions. Exploiting this vulnerability allows malicious actors to circumvent Domain Restrictions Policy SOP rules and gain access to confidential information through the use of IFrame elements...
The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious actor to bypass domain restriction rules
The Mozilla SeaMonkey browser contains a vulnerability related to errors in the implementation of class functions. Exploiting this vulnerability allows malicious actors to circumvent domain restriction policies SOP and gain access to confidential information through the use of IFRAME elements and...
Internet Explorer Malformed IFRAME Buffer Overflow - ver 2 (CVE-2004-1050)
Internet Explorer IE is a popular web browser developed by Microsoft corporation. A buffer overflow vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is in the way Microsoft Internet Explorer parses certain parameters of an IFRAME tag. An attacker can exploit this...
Bumble: Change contents of the careers iframe in https://corp.badoo.com/jobs
Hi again badoo team , In https://corp.badoo.com/jobs/?p= if you check the page you'll see an iframe from https://jobs.jobvite.com/badoo/ , the p parameter is used to control the iframe link for example if you added https://corp.badoo.com/jobs/?p=somepath the iframe link will be...
laposte.fr IFRAME Injection vulnerability
Vulnerable URL: http://www.laposte.fr/outilsuivi/web/suiviInterMetiers.php?method=json=null=%22%3E%3CIFRAME%20SRC=https://www.openbugbounty.org%20%20width=1200%20height=800%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Public...
nature.com IFRAME Injection vulnerability
Vulnerable URL: http://www.nature.com/wls/search-wls?criteria=%22%3E%3Ciframe%20src=%22https://www.openbugbounty.org%22%3E Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 11:21 GMT Vulnerability type:| IFRAME Injection Vulnerability status:|...
shertonenglish.com IFRAME Injection vulnerability
Vulnerable URL: http://www.shertonenglish.com/sections/search.php?q=%22%3E%3Ciframe+src%3D%22https%3A%2F%2Fwww.openbugbounty.org%22%3E=Search=partner-pub-0137545846373693%3A1150942152=FORID%3A10=UTF-8 Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:|...
Resurrection of the Evil Miner
At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...
Resurrection of the Evil Miner
At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...
Resurrection of the Evil Miner
At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...
meteoconsult.fr IFRAME Injection vulnerability
Vulnerable URL: http://www.meteoconsult.fr/synthese-previsions-meteo.php?recherche=%22%3E%3Ciframe+src%3D%22https%3A%2F%2Fwww.openbugbounty.org%22%3E Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 11:20 GMT Vulnerability type:| IFRAME Injectio...
meteoconsult.it IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-159985 Description| Value ---|--- Affected Website:| meteoconsult.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
meteoconsult.es IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-159983 Description| Value ---|--- Affected Website:| meteoconsult.es Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...