das-insel-radio.de Cross Site Scripting vulnerability OBB-3269224

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

das-insel-reisebuero.de Cross Site Scripting vulnerability OBB-2417417

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

regenbogen-insel-ev.de Cross Site Scripting vulnerability OBB-2350697

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

insel-losinj.de Cross Site Scripting vulnerability OBB-1323821

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

insel-eintracht.de Cross Site Scripting vulnerability OBB-1323819

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

frische-insel.ch Cross Site Scripting vulnerability OBB-1298665

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

insel-losinj.de XSS vulnerability

Open Bug Bounty ID: OBB-709331 Description| Value ---|--- Affected Website:| insel-losinj.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

Omegasoft Insel 7 Authentication Bypass Vulnerability and User Enumeration Weakness

No description provided by source. source: http://www.securityfocus.com/bid/27210/info Omegasoft Insel is prone to an authentication bypass vulnerability and a user-enumeration weakness. An attacker can exploit these issues to obtain sensitive information and gain unauthorized access to the...

CVE-2008-1134

CVE-2008-1134 affects OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7. The issue is an authentication flaw where a cookie that lacks a shared secret can be modified to log in as an arbitrary user. The connected sources confirm the vulnerable component is the INSEL 7 authentication mechani...

CVE-2008-1135

The CVE concerns OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7. The vulnerability arises because the login failure responses differ depending on whether a username is valid, enabling remote attackers to enumerate valid usernames. The documents do not provide explicit details on vulnerab...

CVE-2008-1135

OMEGA aka Omegasoft INterneSErvicesLosungen INSEL 7 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames...

CVE-2008-1134

OMEGA aka Omegasoft INterneSErvicesLosungen INSEL 7 supports authentication with a cookie that lacks a shared secret, which allows remote attackers to login as an arbitrary user via a modified cookie...

Omegasoft Insel 7 - Authentication Bypass / User Enumeration

source: https://www.securityfocus.com/bid/27210/info Omegasoft Insel is prone to an authentication bypass vulnerability and a user-enumeration weakness. An attacker can exploit these issues to obtain sensitive information and gain unauthorized access to the application. These issues affect...

Privileg escalation in Omegasoft Insel 7

Hi list, Omegasoft's Insel 7 stores Cookies on your computer for identifying the logged-in user. As these Cookies do not contain any password hash but only the username and some meaningless stuff you can easily get into the system with another login. this gets even more easy, as there is a...

Omegasoft Insel 7 - Authentication Bypass User Enumeration

Omegasoft Insel 7 - Authentication Bypass User Enumeration source: https://www.securityfocus.com/bid/27210/info Omegasoft Insel is prone to an authentication bypass vulnerability and a user-enumeration weakness. An attacker can exploit these issues to obtain sensitive information and gain...

Sql injection

Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allow remote attackers to execute arbitrary SQL commands via 1 user-created text fields; the 2 F05003, 3 F05005, and 4 F05015 fields; and other unspecified standard fields...

CVE-2007-2992

Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allow remote attackers to execute arbitrary SQL commands via 1 user-created text fields; the 2 F05003, 3 F05005, and 4 F05015 fields; and other unspecified standard fields...

CVE-2007-2992

CVE-2007-2992 describes multiple SQL injection vulnerabilities in OmegaMw7.asp for Omega (aka Omegasoft) INterneSErvicesLosungen (INSEL). The affected component is the OmegaMw7.asp page; the root cause is improper handling of user-controllable input in fields including the (1) user-created text f...

CVE-2007-2993

CVE-2007-2993 describes multiple cross-site scripting (XSS) vulnerabilities in OmegaMw7.asp of OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL). The issue allows remote attackers to inject arbitrary web script or HTML via user-created text fields and specifically through the (1) F05003, (2) ...

[Full-disclosure] static XSS / SQL-Injection in Omegasoft Insel

Input passed to fields in OmegaMw7's tables isn't properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site and/or inject SQL-Commands This applies to many many standard fields i...