35 matches found
CVE-2026-52800
Gogs is an open source self-hosted Git service. Prior to 0.14.3, organization team member management can be performed via GET requests without CSRF protection. If a victim who is an organization owner is logged in and is tricked into visiting a crafted link, an attacker-controlled user can be add...
postgresql: CREATE STATISTICS does not check for schema CREATE privilege
A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...
postgresql: CREATE STATISTICS does not check for schema CREATE privilege
A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...
EUVD-2024-2618
Malicious code in bioql PyPI...
dougakensaku.com Cross Site Scripting vulnerability OBB-1378793
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Security update for inn (moderate)
openSUSE Security Update: Security update for inn Announcement ID: openSUSE-SU-2020:1427-1 Rating: moderate References: 1172573 Cross-References: CVE-2020-8026 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update for in...
CVE-2018-13080
The mintToken function of a smart contract implementation for Goutex GTX, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...
desjardins.com XSS vulnerability
Vulnerable URL: https://desjardins.com/nous-joindre/index.jsp?idSectionRacine=1'"%26%25 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 6288 VIP website status:| Yes Coordinated Disclosure Timeline: Description|...
katholisch-backnang.de XSS vulnerability
Vulnerable URL: https://katholisch-backnang.de/popup/email.php?emailname=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E\n Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4994323 VIP website status:| No Coordinated...
scottmotorcompany.co.uk XSS vulnerability
Vulnerable URL: http://www.scottmotorcompany.co.uk/searchpage.php?make==any+model=%27%22%3e%3csvg/onload=confirm/openbugbounty/%3e Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 8535374 VIP website status:| No...
gloomysunday.hu XSS vulnerability
Vulnerable URL: http://gloomysunday.hu/shop.php?id=9" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 15890004 VIP website status:| No Coordinated Disclosure Timeline: Description| Value ---|--- Vulnerability...
mec.ca XSS vulnerability
Vulnerable URL: https://www.mec.ca/en/products/c/100?text=aaaaaaaaaaaaaaa" onfocus=alert/OPENBUGBOUNTY/ autofocus a=" Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 10:41 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
gzly.mofcom.gov.cn XSS vulnerability
Vulnerable URL: http://gzly.mofcom.gov.cn/website/face////wwwfacehistory.jsp?desc="page=5no=1417 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated...
winkelmeier.at XSS vulnerability
Vulnerable URL: http://www.winkelmeier.at/typo3/typo3conf/ext/kjimagelightbox2/lib/class.txkjimagelightbox2print.php?image=13'" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...
edmazur.com XSS vulnerability
Vulnerable URL: http://edmazur.com/game/item.php?id=13'"15 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 11905650 VIP website status:| No Coordinated Disclosure Timeline: Description| Value ---|--- Vulnerabilit...
alphonse-allais.ent27.fr XSS vulnerability
Vulnerable URL: http://alphonse-allais.ent27.fr/sg.do Details: Description| Value ---|--- Patched:| Yes, at 02.03.2017 Latest check for patch:| 02.03.2017 12:15 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 182427 VIP website status:| No Coordinated Disclosure...
catalog.smcvt.edu XSS vulnerability
Vulnerable URL: http://catalog.smcvt.edu/portfolionopop.php/"--!" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure Timeline: Description| Val...
floridastatecollegecatalog.fscj.edu XSS vulnerability
Vulnerable URL: http://floridastatecollegecatalog.fscj.edu/portfolionopop.php/"--!" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure Timeline...
thingstodo.dayton.com XSS vulnerability
Vulnerable URL: http://thingstodo.dayton.com/events?search="-alert'OPENBUGBOUNTY'-" Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 13:06 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculate...
dentaldynamics.com XSS vulnerability
Vulnerable URL: http://dentaldynamics.com/users/editorialdisp.php?mn=" Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 09:20 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...