723 matches found
wws-ceramic.com Cross Site Scripting vulnerability OBB-3192124
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
gatchfanfic.com Cross Site Scripting vulnerability OBB-3144399
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2022-27696 · Baijiacms · Baijiacms
Name of the Vulnerable Software and Affected Versions: baijiacms version v4 Description: A Remote Code Execution RCE vulnerability was found in includes/baijiacms/common.inc.php. Recommendations: For baijiacms version v4, consider restricting access to the includes/baijiacms/common.inc.php file...
WordPress 3.4.x < 3.4.2 XSS / Access Restriction Bypass Vulnerability
WordPress is prone to a cross-site scripting XSS and access restriction bypass vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-late...
CVE-2022-43660
Improper neutralization of Server-Side Includes SSW within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable...
CVE-2022-43660
Improper neutralization of Server-Side Includes SSW within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable...
Input validation
Improper neutralization of Server-Side Includes SSW within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable...
CVE-2022-43660
Improper neutralization of Server-Side Includes SSW within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable...
CVE-2022-43660
The CVE-2022-43660 issue is an SSI (Server-Side Includes) handling vulnerability in Movable Type and related products. A remote authenticated attacker with the privilege “Manage of Content Types” could execute arbitrary Perl scripts or arbitrary OS commands via a crafted web page. Affected are Mo...
PT-2022-26995 · Unknown · Movable Type Premium Advanced +3
Name of the Vulnerable Software and Affected Versions: Movable Type versions 7 r.5301 and earlier Movable Type Advanced versions 7 r.5301 and earlier Movable Type Premium version 1.53 and earlier Movable Type Premium Advanced version 1.53 and earlier Description: The issue is related to the...
CVE-2022-43660
Improper neutralization of Server-Side Includes SSW within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable...
omnia-raczynscy.pl Cross Site Scripting vulnerability OBB-3071621
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CLSA-2022-1668701633 libxml2: Fix of CVE-2016-3709
CVE-2016-3709: back to URI escape in server side includes...
CLSA-2022-1668701552 libxml2: Fix of CVE-2016-3709
CVE-2016-3709: back to URI escape in server side includes...
Multiple vulnerabilities in Movable Type
Overview Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. Improper Validation of Syntactic Correctness of Input CWE-1286 - CVE-2022-45113 Cross-site Scripting CWE-79 - CVE-2022-45122 Improper Neutralization of Server-Side Includes SSI Within a Web Page CWE-9...
seksshopistanbul.net Cross Site Scripting vulnerability OBB-2956728
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
hartgersradiateuren.nl Cross Site Scripting vulnerability OBB-2941200
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
geevers.nl Cross Site Scripting vulnerability OBB-2934123
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
walkerbooks.com.au Cross Site Scripting vulnerability OBB-2922918
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jeremyreiss.fr Cross Site Scripting vulnerability OBB-2856889
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...