parafia-bojkow.pl XSS vulnerability
Vulnerable URL: https://parafia-bojkow.pl/index.php?q=51akt=47=kategoria=42%27%22%3E%3Csvg/onload=confirm/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 08.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 8156516 V...
Moderate: Red Hat Security Advisory: satellite and spacewalk security and bug fix update
An update for satellite-schema, spacewalk-backend, spacewalk-java, and spacewalk-schema is now available for Red Hat Satellite 5.8 and Red Hat Satellite 5.8 ELS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base...
youppido.com XSS vulnerability
Vulnerable URL: https://www.youppido.com/it/persone-dintorni/?action=persone-dintorni〈=itid=789id=17591=%22%3E%3Csvg/onload=prompt/OPENBUGBOUNTY///=0from=18to=70=2 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
OracleVM 3.3 / 3.4 : poppler (OVMSA-2017-0147)
The remote OracleVM system is missing necessary patches to address critical security updates : - Resolves: rhbz1479815 CVE-2017-9776 - Don't crash on streams without Length - Resolves: 1302365 - Use better default pixel size for printing of 0 width lines - Resolves: 1316163 - Identification of...
nakanune.ru XSS vulnerability
Vulnerable URL: http://www.nakanune.ru/theme/?tag=x Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 68646 VIP website status:| No Coordinated Disclosure Timeline: Description| Value ---|--- Vulnerability submitte...
electrobodegas.com XSS vulnerability
Vulnerable URL: http://electrobodegas.com/company.php?id=" Details: Description| Value ---|--- Patched:| Yes, at 28.11.2017 Latest check for patch:| 28.11.2017 10:45 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 13719171 VIP website status:| No Coordinated...
vajdaevang.hu XSS vulnerability
Vulnerable URL:...
DJI Launches Drone Bug Bounty Program
The lack of security in commercial drones has been well documented, but one Chinese manufacturer is working to fix that by incentivizing researchers who can poke holes in the software its drones run on. One of the largest unmanned aerial vehicle manufacturers, Dà-Jiāng Innovations Science and...
formations.action-sociale.org XSS vulnerability
Vulnerable URL: http://formations.action-sociale.org/recherche3.php Details: Description| Value ---|--- Patched:| Yes, at 26.11.2017 Latest check for patch:| 26.11.2017 15:17 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...
mauritel.mr XSS vulnerability
Vulnerable URL: http://www.mauritel.mr/?dnnVariable=%27dnnpageload%27:%27alert/OPENBUGBOUNTY/%27 Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 26.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1616096 VIP...
CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name...
Directory traversal
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name...
DEBIAN-CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name...
youroilrecruitmentnews.com XSS vulnerability
Vulnerable URL: http://www.youroilrecruitmentnews.com/searchresults.php/%22'--!%3E%3CScript%20/K/%3Econfirm%22OPENBUGBOUNTY%22%3C/Script%20/K/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
modelaznehtu.cz XSS vulnerability
Vulnerable URL: https://www.modelaznehtu.cz/shop.php?najdi=aceton%20%3C!%27/%22/%27/%22/--%3E%3C/Script%3E%3CImage%20SrcSet=K%20/;%20OnError=confirmOPENBUGBOUNTY%20//%3E=produkt Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 19.11.2017...
More on the Vulnerabilities Equities Process
Richard Ledgett -- a former Deputy Director of the NSA -- argues against the US government disclosing all vulnerabilities: Proponents argue that this would allow patches to be developed, which in turn would help ensure that networks are secure. On its face, this argument might seem to make sense ...
shootingtargets7.com XSS vulnerability
Vulnerable URL: https://shootingtargets7.com/store/catalogsearch/result/?q=%3C%2Fscript%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 784545 VIP website...
Rapid7 Threat Report: Q2 2017
We cannot believe that we're already into August! Time really flies when the internet is constantly on fire. When it came time to analyze data for our Q2 Threat Report and pull out threat trends and landscape changes, there was plenty to work with. Q2 kept defenders on their toes--from the Shadow...
Exploit for CVE-2017-8464
CVE-2017-8464-exp-generator this tool can generate an exp for c...