17 matches found
EUVD-2025-199984
Cross-Site Request Forgery CSRF vulnerability in Tekrom Technology Inc. T-Soft E-Commerce allows Cross Site Request Forgery.This issue affects T-Soft E-Commerce: through 28112025...
deine-erfolgreiche-bewerbung.com Improper Access Control vulnerability OBB-3797080
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
deepgulfenergy.com Improper Access Control vulnerability OBB-3797059
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tickets.aqualandia.net Cross Site Scripting vulnerability OBB-3796777
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
seiwatei.net Cross Site Scripting vulnerability OBB-3796686
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress WP Tripadvisor Review Widgets Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload
Software WP Tripadvisor Review Widgets Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID bf86f8d389e5 Credits Rafie Muhammad Patchsta...
WordPress Shortcodes Ultimate Plugin <= 5.13.3 is vulnerable to Insecure Direct Object References (IDOR)
Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.13.3 Fixed in 7.0.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-6226 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7b259d4a9888 Credits Francesc...
WordPress Widgets for Yelp Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload
Software Widgets for Yelp Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 323b86ec1718 Credits Rafie Muhammad Patchstack...
WordPress Widgets for SourceForge Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload
Software Widgets for SourceForge Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 54da1ae2f502 Credits Rafie Muhammad...
gecmodasa.ac.in Cross Site Scripting vulnerability OBB-3076269
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress HyperComments plugin <= 1.2.2 - Unauthenticated Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion vulnerability found by Lenon Leite in WordPress HyperComments plugin versions = 1.2.2. Solution 2020-12-09 - we were unable to find a patched version of this plugin. There's only note from wordpress.org available: "This plugin has been closed as of November...
Threat Outbreak Alert RuleID31471: Email Messages Distributing Malicious Software on November 28, 2017
Medium Alert ID: 56066 First Published: 2017 November 28 18:47 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID31471 may contain the following files: Name |...
vsetv.by XSS vulnerability
Open Bug Bounty ID: OBB-440608 Description| Value ---|--- Affected Website:| vsetv.by Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
mborayhu.coop.py XSS vulnerability
Vulnerable URL: http://www.mborayhu.coop.py/galeria.php?=2%22%27--!%3E%3Cscript%3EalertOPENBUGBOUNTY%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
Threat Outbreak Alert RuleID26450: Email Messages Distributing Malicious Software on November 28, 2016
Medium Alert ID: 49888 First Published: 2016 November 28 17:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID26450 may contain the following files: Name |...
CVE-2016-9315
creationtimestamp| type| source ---|---|--- 2016-11-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41361...
autoracingalley.com XSS vulnerability
Vulnerable URL: https://www.autoracingalley.com/previewimage.asp?image=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...