EUVD-2005-4286

Malware in sbrugna...

WordPress brodos.net Onlineshop Plugin plugin <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin brodos.net Onlineshop Plugin versions = 2.0.2...

CVE-2024-12529

The brodos.net Onlineshop Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'BrodosCategory' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

CVE-2024-12529 brodos.net Onlineshop Plugin <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The brodos.net Onlineshop Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'BrodosCategory' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

CVE-2024-12529 brodos.net Onlineshop Plugin <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The brodos.net Onlineshop Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'BrodosCategory' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

CVE-2024-12529

CVE-2024-12529 affects the brodos.net Onlineshop Plugin for WordPress; it is a Stored XSS via the BrodosCategory shortcode in all versions up to 2.0.2, exploitable by authenticated users with contributor+ access. Connected sources indicate a patch to 2.0.3 (ADP entry, 2025-01-27) and ongoing cove...

WordPress plugin brodos.net Onlineshop Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

alpaca-onlineshop.com Improper Access Control vulnerability OBB-3930998

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

animate-onlineshop.jp Cross Site Scripting vulnerability OBB-3902011

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

schwab-onlineshop.de Improper Access Control vulnerability OBB-3771375

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

onlineshop-medizin.de Cross Site Scripting vulnerability OBB-3734065

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

onlineshop-hundefutter.de Cross Site Scripting vulnerability OBB-1349248

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

sanga-onlineshop.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1153518 Security Researcher Tech4 Helped patch 38 vulnerabilities Received 1 Coordinated Disclosure badges Received 1 recommendations , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting sanga-onlineshop.com website an...

gartengeraete-onlineshop.de Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1144589 Security Researcher MitRauch Helped patch 288 vulnerabilities Received 3 Coordinated Disclosure badges Received 5 recommendations , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting gartengeraete-onlineshop.de...

snowoffice.at XSS vulnerability

Open Bug Bounty ID: OBB-608522 Description| Value ---|--- Affected Website:| snowoffice.at Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

austria-onlineshop.com XSS vulnerability

Open Bug Bounty ID: OBB-602168 Description| Value ---|--- Affected Website:| austria-onlineshop.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

onlineshop.nero.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-558179 Description| Value ---|--- Affected Website:| onlineshop.nero.com Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Disclosure Standard:| Coordinated Disclosure based on...

onlineshop.titgemeyer.de XSS vulnerability

Vulnerable URL: https://onlineshop.titgemeyer.de/registrierung/suche.html Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 19:20 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

arko-onlineshop.de XSS vulnerability

Vulnerable URL: http://arko-onlineshop.de/catalogsearch/result/?q=%22%3E%3CsvG%2Fonload%3Dalert%2FOPENBUGBOUNTY%2F%3E Details: Description| Value ---|--- Patched:| Yes, at 22.07.2017 Latest check for patch:| 22.07.2017 20:58 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

trinkflaschen-onlineshop.de XSS vulnerability

Vulnerable URL: http://www.trinkflaschen-onlineshop.de/search.php?setSearchTxT=1txt=%22%3E%3Csvg%2Fonload%3Dalert%2FOPENBUGBOUNTY%2F%3E=0=0 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4919245 VIP website...