19 matches found
EUVD-2015-3029
Malware in sbrugna...
Tenda F3 安全漏洞
Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability that originates from the goform/setWifi file failing to properly validate the length size of the input data, which can be exploited by an...
detimes.com.sg XSS vulnerability
Open Bug Bounty ID: OBB-64921 Description| Value ---|--- Affected Website:| detimes.com.sg Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...
air2water.net XSS vulnerability
Vulnerable URL: http://air2water.net/search.html?term=%3E%3C%2Ftitle%3E%3Cscript%3Ealert%28KCF%29%3C%2Fscript%3E%27%22%3E%3Cmarquee%3E%3Ch1%3Etest%3C%2Fh1%3E%3C%2Fmarquee%3E%3Csvg%2Fonload%3Dprompt%28%2FXSSPOSED%2F%29%3E=0=0to= Details: Description| Value ---|--- Patched:| Yes, at 22.11.2017 Late...
ozsuper.com.au Open Redirect vulnerability
Open Bug Bounty ID: OBB-64815 Description| Value ---|--- Affected Website:| ozsuper.com.au Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat Sheet Vulnerab...
Google Chrome Multiple Vulnerabilities - 02 (May 2015) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome Multiple Vulnerabilities - 02 - (May 2015) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
srisap.com XSS vulnerability
Vulnerable URL: http://www.srisap.com/search.php?m=%3E%3C/title%3E%3Cscript%3Ealert%28KCF%29%3C/script%3E%27%22%3E%3Cmarquee%3E%3Ch1%3Etest%3C/h1%3E%3C/marquee%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E=R=5=Search Details: Description| Value ---|--- Patched:| Yes, at 22.11.2017 Latest check for...
Microsoft Windows - Local Privilege Escalation (MS15-010)
Microsoft Windows - Local Privilege Escalation MS15-010 // ex.cpp / Windows XP/2K3/VISTA/2K8/7 WMSYSTIMER Kernel EoP CVE-2015-0003 March 2015 Public Release: May 24, 2015 Tested on: x86: Win 7 SP1 | Win 2k3 SP2 | Win XP SP3 x64: Win 2k8 SP1 | Win 2k8 R2 SP1 Author: Skylake - skylake mail com /...
exams.griet.in XSS vulnerability
Open Bug Bounty ID: OBB-63942 Description| Value ---|--- Affected Website:| exams.griet.in Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...
descubretijuana.com XSS vulnerability
Open Bug Bounty ID: OBB-63229 Description| Value ---|--- Affected Website:| descubretijuana.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
Mozilla Thunderbird Multiple Vulnerabilities-01 (May 2015) - Mac OS X
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
VulnCheck KEV: CVE-2015-2945
mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does not properly restrict URLs, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted request, as exploited in the wild in May 2015...
nimpparikakkukone.fi XSS vulnerability
Open Bug Bounty ID: OBB-62226 Description| Value ---|--- Affected Website:| nimpparikakkukone.fi Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Che...
Adobe Flash Player Multiple Vulnerabilities - 01 (May 2015) - Windows
Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...
ncaa.org XSS vulnerability
Open Bug Bounty ID: OBB-61512 Description| Value ---|--- Affected Website:| ncaa.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
egresados.uadec.mx XSS vulnerability
Open Bug Bounty ID: OBB-61416 Description| Value ---|--- Affected Website:| egresados.uadec.mx Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
3gpvideos.in XSS vulnerability
Open Bug Bounty ID: OBB-60305 Description| Value ---|--- Affected Website:| 3gpvideos.in Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
Seagate Confirms NAS Zero Day, Won't Patch Until May
Seagate, over the weekend, confirmed the zero-day vulnerability in its Seagate Business Storage 2-Bay NAS boxes disclosed March 1. But in the same breath, told customers exposed to the vulnerability that a patch is still two months away. “For those customers who choose to keep their networks open...