750 matches found
CVE-2024-29193 GHSL-2023-207 gotortc DOM-based Cross-site Scripting vulnerability
gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The index page index.html shows the available streams by fetching the API on the client side. Then, it uses Object.entries to iterate over the result whose first item name gets...
CVE-2024-24559 Vyper SHA3 code generation bug
Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the IR for sha3_64. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand; that is, it cannot be triggered from regular...
CVE-2023-49085
CVE-2023-49085 is a SQL injection in pollers.php affecting Cacti up to 1.2.25; public references describe an attack path leading to remote code execution when combined with other vulnerabilities. Exploitation is demonstrated in a Metasploit module (requires auth with Sites/Devic...
haproxy: Incomplete fix for CVE-2021-39242 in OpenShift 4.9
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package; however, the patch for CVE-2021-39242 was missing. This issue only affects OpenShift 4.9...
AIX 5.3 TL 12 : solaris (IJ10554)
https://vulners.com/cve/CVE-2017-3623 An unspecified vulnerability in Oracle Sun Systems related to the Solaris Kernel RPC component could allow an unauthenticated attacker to take control of the system.
Oracle Enterprise Manager Ops Center Remote Code Execution (October 2017 CPU)
The version of Oracle Enterprise Manager Ops Center installed on the remote host is missing a security patch. It is, therefore, affected by a remote code execution vulnerability. Refer to the October 2017 CPU for details on this vulnerability. TRUSTED...
cif-bennes.com XSS vulnerability
Vulnerable URL:...
kuband.fta.channels.drsat.ca XSS vulnerability
Vulnerable URL: http://kuband.fta.channels.drsat.ca/cfm/drsat/channels.cfm?page=43======7,2=5=Keritzy%22%3EKeirtzy%3Cimg%20src=x%20onerror=prompt/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.01.2018 Vulnerability type:| XSS Vulnerability status:|...
minasinova.com.br Open Redirect vulnerability
Vulnerable URL: http://minasinova.com.br/?adsclick=1=6904-6903-3557-900-3=20874b780e=http%3A%2F%2Fopenbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 06.01.2018 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 2748883...
oyster-suhyup.co.kr XSS vulnerability
Vulnerable URL: http://www.oyster-suhyup.co.kr/bddefault/bdDefaultView.do?searchCondition=/%27%22--!%3E%20%3Cimg%20src=x%20onerror=alert%22openbugbounty%22%3E==/%27%22--!%3E%20%3Cimg%20src=x%20onerror=alert%22openbugbounty%22%3E/bddefault/bdDefaultList.do=1bdseq=145idx=12395 Details: Description|...
laferretcapienne.fr XSS vulnerability
Vulnerable URL: http://www.laferretcapienne.fr/rechercher.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.10.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
карьера.ноу-хау.рф XSS vulnerability
Vulnerable URL: http://карьера.ноу-хау.рф/resume/?CITY=112%27-prompt%27XSSPOSED%27-%27=30794%27-prompt%27XSSPOSED%27-%27 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / No...
AXIS gSOAP Message Handling RCE (ACV-116267) (Devil's Ivy)
The remote AXIS device is running a firmware version that is missing a security patch. It is, therefore, affected by a remote code execution vulnerability, known as Devil's Ivy, due to an overflow condition that exists in a third party SOAP library gSOAP. An unauthenticated, remote attacker can...
taokaenoi.co.th XSS vulnerability
Vulnerable URL: http://www.taokaenoi.co.th/sendtofriend.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 718048 VIP website status:| No Check taokaenoi.co.th SSL connection:|...
lobeline.net XSS vulnerability
Vulnerable URL:...
Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities (TNS-2017-04)
The Tenable SecurityCenter application installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL : - A carry propagation error exists in the Broadwell-specific Montgomery multiplication procedure when handlin...
systweak.com XSS vulnerability
Vulnerable URL: http://www.systweak.com/fix-all-dll-errors/default.asp?searchtext=%3Csvg/onload=alert/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 72044 VIP...
fr.backoffice.be XSS vulnerability
Vulnerable URL:...
travbuddy.com XSS vulnerability
Vulnerable URL: http://www.travbuddy.com/register.php?mapid=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 106831 VIP website status:| No Coordinated Disclosure Timeline:...
ncg.kcl.ac.uk XSS vulnerability
Vulnerable URL: http://ncg.kcl.ac.uk/query.php?genename=%22%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...