EUVD-2023-36882

Malicious code in bioql PyPI...

CVE-2023-32639

Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

Test Driving a New Benefit Programme in Belfast

When most people think about benefits packages at work, what typically comes to mind are things like healthcare programmes, financial stipends, or wellbeing incentives. For Stephen, one benefit he uses on a daily basis comes on four wheels. Rapid7’s electric vehicle scheme was rolled out in late...

vijayainternationalschool.com Cross Site Scripting vulnerability OBB-3917564

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

freedomprogramme.co.uk Cross Site Scripting vulnerability OBB-3844662

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-32639

Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

CVE-2023-32639

Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

Xxe

Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

CVE-2023-32639

Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

PT-2023-23927 · Unknown · Applicant Programme

Name of the Vulnerable Software and Affected Versions: Applicant Programme versions 7.06 and earlier Description: The issue is related to the improper restriction of XML external entity references XXE in the Applicant Programme. This allows an attacker to read arbitrary files on the system by...

Improper restriction of XML external entity references (XXE) in Applicant Programme

Overview Applicant Programme provided by The Ministry of Justice improperly restricts XML external entity references XXE CWE-611. Toyama Taku and Sakaki Ryutaro of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

JVN#37857022: Improper restriction of XML external entity references (XXE) in Applicant Programme

Applicant Programme provided by The Ministry of Justice improperly restricts XML external entity references XXE CWE-611. Impact By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker. Solution Update the Software Update the software to the latest...

The Ministry of Justice Applicant Programme 代码问题漏洞

The Ministry of Justice Applicant Programme is a Department of Justice applicant programme application organized by The Ministry of Justice. A security vulnerability exists in Applicant Programme V7.06 and prior versions, which stems from an improper restriction of XML external entity references,...

onthreelegs.com Cross Site Scripting vulnerability OBB-2716599

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

record.sn Cross Site Scripting vulnerability OBB-2416332

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

programme-streaming.tv Cross Site Scripting vulnerability OBB-2159674

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

staedteverband.ch Cross Site Scripting vulnerability OBB-2137360

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

SYS.2.3.A9

Passwoerter SOLLTEN NICHT als Parameter an Programme uebergeben werden. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

tv-programme.com XSS vulnerability

Open Bug Bounty ID: OBB-455087 Description| Value ---|--- Affected Website:| tv-programme.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

Websites of Indian Embassy in 7 Countries Hacked; Database Leaked Online

Indian embassy websites in seven different countries have been hacked, and attackers have leaked personal data, including full name, residential address, email address, passport number and phone number, of Indian citizens living abroad. This incident is extremely worrying because it involves...