vps-ccdc98c0.vps.ovh.net Open Redirect vulnerability OBB-3651320

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

schodyposw.cluster023.hosting.ovh.net Improper Access Control vulnerability OBB-2819640

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

MAL-2022-489 Malicious code in @ovh-ui/oui-pagination (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24b3f3334cfba22670b73ba14b5ff0fe10f1bf298d2b6040a6cba6ac7b9bccd9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-488 Malicious code in @ovh-ui/oui-criteria (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38e3daf3c161698ccb8c483181d0dbe53aa407f9df0432620715dcb668c5c093 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-487 Malicious code in @ovh-ui/oui-checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc446acbcde3cb8149a13344305559cde9a9acee013c00efa4096db154923897 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview @ovh-ui/oui-pagination is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Malicious Package

Overview @ovh-ui/oui-checkbox is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Malicious Package

Overview @ovh-ui/oui-criteria is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Malicious code in ovh-ovh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1197910acfe610a3e26ff7d90aecdeb4a618c7f6a81bb94dfabf3377c58ad029 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5156 Malicious code in ovh-ovh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1197910acfe610a3e26ff7d90aecdeb4a618c7f6a81bb94dfabf3377c58ad029 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-38357

The SMS OVH WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the position parameter found in the /sms-ovh-sent.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.1...

CVE-2021-38357

The SMS OVH WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the position parameter found in the /sms-ovh-sent.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.1...

Cross site scripting

The SMS OVH WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the position parameter found in the /sms-ovh-sent.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.1...

CVE-2021-38357 SMS OVH <= 0.1 Reflected Cross-Site Scripting

The SMS OVH WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the position parameter found in the /sms-ovh-sent.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.1...

CVE-2021-38357 SMS OVH <= 0.1 Reflected Cross-Site Scripting

The SMS OVH WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the position parameter found in the /sms-ovh-sent.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.1...

CVE-2021-38357

CVE-2021-38357 affects the WordPress plugin SMS OVH (versions up to and including 0.1). The Reflected Cross‑Site Scripting vulnerability originates in the position parameter in the file ~/sms-ovh-sent.php, enabling injection of arbitrary web scripts. Connected sources consistently describe this i...

WordPress SMS OVH plugin <= 0.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress SMS OVH plugin versions = 0.1. Solution This plugin has been closed as of August 24, 2021 and is not available for download. This closure is temporary, pending a full review...

SMS OVH <= 0.1 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the position parameter found in the /sms-ovh-sent.php file which allows attackers to inject arbitrary web scripts...

The-Bastion - Authentication, Authorization, Traceability And Auditability For SSH Accesses

Bastions are a cluster of machines used as the unique entry point by operational teams such as sysadmins, developers, database admins, ... to securely connect to devices servers, virtual machines, cloud instances, network equipment, ..., usually using ssh. Bastions provides mechanisms for...

The Malwarebytes 2021 State of Malware report: Lock and Code S02E04

This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report, which analyzed the top cybercrime goals of 2020 amidst the global pandemic. If you just pay...