
8 matches found

Cvelist
added 2026/06/16 2:10 p.m., 23 views

CVE-2026-48780 Forem vulnerable to bypass of email address domain restrictions

Forem is open source software for building communities. Prior to commit a2ab6d4, a maliciously crafted email address could allow an attacker to bypass domain allowlist or denylist restrictions and gain access to invite-only forem deployments. The issue is patched as of a2ab6d4. As a workaround,...

CVSS 8.2, EPSS 0.00218
Exploits: 0, References: 2
Krebs on Security
added 2022/10/05 9:20 p.m., 21 views

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

A recent proliferation of phony executive profiles on LinkedIn is creating something of an identity crisis for the business networking site, and for companies that rely on it to hire and screen prospective employees. The fabricated LinkedIn identities -- which pair AI-generated profile photos wit...

AI score 6.9
Exploits: 0
Hacker One
added 2021/06/07 11:5 a.m., 53 views

HackerOne: Report Bulk endpoint "agree-on-going-public" action may reveal Report disclosure state for invite-only programs

Hello, Hope you are doing well, SUMMARY -In hackerone user doesn't have permission to do any action like "disclosing/undiclosing" in disclosed report. -Here user can send the "cancel-disclosure-request" request to the server and server accepts the request gave 200ok response with ""flash":"The...

AI score 6.8
Exploits: 0
The Hacker News
added 2015/04/22 10:20 p.m., 9 views

Google 'Project Fi' Wireless Service: 10 Amazing Facts

Google has just launched its long-rumored wireless cellular service that comes up to give a tough competition for AT&T and Verizon communication. Yes! A wireless Service for Cell Phone users. The web Internet giant, Google is now becoming a Mobile Virtual Network Operator MVNO by offering its...

AI score 6.8
Exploits: 0
MSRC
added 2013/12/06 8:0 a.m., 8 views

BlueHat v13 is Coming

This week, starting Thursday, we’ll be hosting our 13th edition of BlueHat. I’m always so impressed with the level of knowledge we attract to each BlueHat, and while the event is invite-only, we’ll be sharing glimpses into the event via this blog and the hashtag BlueHat. For each of the past six...

AI score 7
Exploits: 0
Tenable Nessus
added 2013/11/11 12:0 a.m., 22 views

Fedora 20 : ReviewBoard-1.7.16-2.fc20 / python-djblets-0.7.21-1.fc20 (2013-18840)

Review Board 1.6.19 and 1.7.15 fix a few issues in the API where users could access certain data they should not have been able to access, if using the Local Sites feature, invite-only groups, or private repositories. It also fixes cases with invite-only groups where the group name and list of...

CVSS 9.8, AI score 6.5, EPSS 0.0304
Exploits: 0, References: 8
Tenable Nessus
added 2013/10/29 12:0 a.m., 25 views

Fedora 19 : ReviewBoard-1.7.16-2.fc19 / python-djblets-0.7.21-1.fc19 (2013-18931)

Review Board 1.6.19 and 1.7.15 fix a few issues in the API where users could access certain data they should not have been able to access, if using the Local Sites feature, invite-only groups, or private repositories. It also fixes cases with invite-only groups where the group name and list of...

CVSS 9.8, AI score 6.5, EPSS 0.0304
Exploits: 0, References: 8
seebug.org
added 2008/06/20 12:0 a.m., 30 views

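TorrentTrader Multiple SQL Injection Vulnerabilities

BUGTRAQ ID: 29787 CVECAN ID: CVE-2008-2428 TorrentTrader is a torrent tracker platform written in PHP. The account-signup.php file in TorrentTrader does not properly validate input to the email and wantusername parameters, so a remote attacker can retrieve the administrator password hash through an SQL injection attack. Successful exploitation requires that magicquotesgpc is disabled and that the site is not configured as invite-only....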

CVSS 6.8, AI score 6.5, EPSS 0.01221
Exploits: 1