18 matches found
EUVD-2025-198084
The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unrestricted file upload vulnerability in the /patch.php endpoint. An attacker with administrative credentials can upload arbitrary files e.g., PHP webshells, which are stored in the /patch/ directory. This...
DB Electronica Mozart FM Transmitter 安全漏洞
DB Electronica Mozart FM Transmitter is a line of professional-grade FM radio transmitters from DB Electronica, Italy. A security vulnerability exists in the DB Electronica Mozart FM Transmitter version WEBMOZZI-00287, which originates from the presence of an unrestricted file upload in the...
CVE-2025-63227
The CVE-2025-63227 issue affects Mozart FM Transmitter web management interface WEBMOZZI-00287. Affected component: /patch.php with unrestricted file upload; requires administrative credentials to upload arbitrary files (e.g., PHP webshells) stored under /patch/, enabling execution of arbitrary c...
perthpropertypartners.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609907 Description| Value ---|--- Affected Website:| perthpropertypartners.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
fnnewcastle.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609902 Description| Value ---|--- Affected Website:| fnnewcastle.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
habjancain.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609893 Description| Value ---|--- Affected Website:| habjancain.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
loyalproperty.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609895 Description| Value ---|--- Affected Website:| loyalproperty.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
mycoastrealty.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609891 Description| Value ---|--- Affected Website:| mycoastrealty.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
rcre.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609883 Description| Value ---|--- Affected Website:| rcre.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
mawby.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609871 Description| Value ---|--- Affected Website:| mawby.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
industrialzone.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609872 Description| Value ---|--- Affected Website:| industrialzone.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
wodongarealestate.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609868 Description| Value ---|--- Affected Website:| wodongarealestate.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
tuckerrealestate.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609858 Description| Value ---|--- Affected Website:| tuckerrealestate.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
abelas.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609847 Description| Value ---|--- Affected Website:| abelas.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
blights.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609839 Description| Value ---|--- Affected Website:| blights.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
sterlingnewlife.com.au XSS vulnerability
Open Bug Bounty ID: OBB-609838 Description| Value ---|--- Affected Website:| sterlingnewlife.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2008-4439
CVE-2008-4439 affects MartinWood Datafeed Studio prior to 1.6.3, where PHP remote file inclusion is possible in admin/bin/patch.php via the INSTALL_FOLDER URL parameter, enabling remote execution of PHP code. Exploitation details are described in vendor references; one cited path notes a Datafeed...
Datafeed Studio - 'patch.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/30659/info Datafeed Studio is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in th...