23 matches found
AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value
Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement has been implemented in th...
CVE-2025-60799
phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters 'subject', 'server', 'database', 'queryid' without proper validation or access...
⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More
This week showed just how fast things can go wrong when no one's watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It's not just about hacking anymore. Criminals are building systems to...
CVE-2024-11578
creationtimestamp| type| source ---|---|--- 2024-11-21 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1609/...
WordPress ForumEngine Theme <= 1.8 is vulnerable to Cross Site Scripting (XSS)
Software ForumEngine Type Theme Vulnerable versions = 1.8 Fixed in 1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10623 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4119169dab6d Credits rajanhoyr Required privile...
imaillist.com.br Improper Access Control vulnerability OBB-3789864
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
burglauer.rhoen-saale.net Cross Site Scripting vulnerability OBB-3789698
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
lloyddesign.ca Improper Access Control vulnerability OBB-3789359
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
grammar.com Cross Site Scripting vulnerability OBB-3789028
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
cdt.ca Improper Access Control vulnerability OBB-3788922
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
propertytax.chattanooga.gov Cross Site Scripting vulnerability OBB-2278395
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
doccare.ch XSS vulnerability
Open Bug Bounty ID: OBB-700919 Description| Value ---|--- Affected Website:| doccare.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...
cuchara.be XSS vulnerability
Open Bug Bounty ID: OBB-700886 Description| Value ---|--- Affected Website:| cuchara.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...
fiab.it XSS vulnerability
Open Bug Bounty ID: OBB-700781 Description| Value ---|--- Affected Website:| fiab.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...
odys.meblemirjan.pl XSS vulnerability
Open Bug Bounty ID: OBB-424559 Description| Value ---|--- Affected Website:| odys.meblemirjan.pl Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Che...
yaelp.com XSS vulnerability
Vulnerable URL: http://www.yaelp.com/sI1%20Y%20DNA%22%22%3E%3Ch1%3EChri55%3C/h1%3E%3Cscript%3Ealert%28'XSSPOSED'%29%3C/script%3E%3C/br%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...
mwatkinsgroup.com XSS vulnerability
Vulnerable URL: http://www.mwatkinsgroup.com/%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...
fpf.pt Open Redirect vulnerability
Open Bug Bounty ID: OBB-253961 Description| Value ---|--- Affected Website:| fpf.pt Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...
Threat Outbreak Alert RuleID26453: Email Messages Distributing Malicious Software on November 21, 2016
Medium Alert ID: 49819 First Published: 2016 November 21 14:57 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID26453 may contain the following files: Name |...
Threat Outbreak Alert RuleID26422: Email Messages Distributing Malicious Software on November 21, 2016
Medium Alert ID: 49813 First Published: 2016 November 21 14:53 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID26422 may contain the following files: Name |...