Lucene search
K

21 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/08 2:34 a.m.3 views

Malicious code in rambler-id (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d88b84167baafecc35066da4403daf40828ae3e5e178b06cb0d27c85670839c The OpenSSF Package Analysis project identified 'rambler-id' @ 91.9.9...

6.9AI score
Exploits0
OSV
OSV
added 2025/07/08 2:34 a.m.2 views

MAL-2025-5657 Malicious code in rambler-id (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d88b84167baafecc35066da4403daf40828ae3e5e178b06cb0d27c85670839c The OpenSSF Package Analysis project identified 'rambler-id' @ 91.9.9...

7.1AI score
Exploits0
OSV
OSV
added 2024/12/08 9:59 p.m.3 views

MAL-2024-11278 Malicious code in @rambler-help/shared (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
HackRead
HackRead
added 2023/07/08 11:50 a.m.18 views

Technician Indicted for Hacking California Water Treatment Facility

By Deeba Ahmed The jury has charged Rambler Gallo with one count of transmitting a program, information, code, and command to cause damage to a protected computer. This is a post from HackRead.com Read the original post: Technician Indicted for Hacking California Water Treatment Facility...

7AI score
Exploits0
WPVulnDB
WPVulnDB
added 2021/04/21 12:0 a.m.26 views

RSS for Yandex Turbo < 1.30 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin did not properly sanitise the user inputs from its Счетчики settings tab before outputting them back in the page, leading to authenticated stored Cross-Site Scripting issues PoC As admin, Navigate to Setting Яндекс.Турбо Счетчики and enter a payload such as " onmouseover="alert1 into a...

3.5CVSS1.8AI score0.0062EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2021/04/21 12:0 a.m.124 views

RSS for Yandex Turbo < 1.30 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin did not properly sanitise the user inputs from its Счетчики settings tab before outputting them back in the page, leading to authenticated stored Cross-Site Scripting issues As admin, Navigate to Setting Яндекс.Турбо Счетчики and enter a payload such as " onmouseover="alert1 into all t...

3.5CVSS5.3AI score0.0062EPSS
Exploits2
The Hacker News
The Hacker News
added 2020/02/20 12:36 p.m.4 views

Scam Alert: You've Been Selected for 'Like of the Year 2020' Cash Prizes

Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card information. According to researchers at Group-IB, the multi-stage phishing attack exploited the credibility o...

5.8AI score
Exploits0
HackRead
HackRead
added 2019/12/13 1:0 a.m.78 views

NGINX office in Moscow raided by police

By Waqas Russian authorities have raided NGINX offices in Moscow over a complaint filed by Rambler. Here's what happened: This is a post from HackRead.com Read the original post: NGINX office in Moscow raided by police...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2019/12/12 4:30 p.m.5 views

Russian Police Raided NGINX Moscow Office, Detained Co-Founders

Seems like Rambler filled copyright claim to @isysoev regarding @nginx, nginx office under police raid unconfirmed. Originally posted by @igorippolitov , but somebody asked him to remove his post. pic.twitter.com/76mBNtV31G...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2019/12/12 4:30 p.m.69 views

Russian Police Raided NGINX Moscow Office, Detained Co-Founders

Seems like Rambler filled copyright claim to @isysoev regarding @nginx, nginx office under police raid unconfirmed. Originally posted by @igorippolitov , but somebody asked him to remove his post. pic.twitter.com/76mBNtV31G...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/06/22 4:24 p.m.6 views

games.rambler.ru XSS vulnerability

Open Bug Bounty ID: OBB-635401 Description| Value ---|--- Affected Website:| games.rambler.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/02/22 4:56 a.m.18 views

vwo.osm.rambler.ru XSS vulnerability

Open Bug Bounty ID: OBB-565314 Description| Value ---|--- Affected Website:| vwo.osm.rambler.ru Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure...

6.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/05/16 3:55 p.m.12 views

supermarket.rambler.ru XSS vulnerability

Vulnerable URL: http://supermarket.rambler.ru/search/?query="'--! Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/08/23 12:58 p.m.15 views

top100.rambler.ru XSS vulnerability

Vulnerable URL: http://top100.rambler.ru/?query=%22%3E%22%3Csvg%20onload=alert%28/OPENBUGBOUNTY/%29%3E%20=lol Details: Description| Value ---|--- Patched:| Yes, at 14.09.2016 Latest check for patch:| 14.09.2016 10:54 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...

6.3AI score
Exploits0
hackapp
hackapp
added 2016/07/08 12:33 p.m.13 views

Rambler-Kassa - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Rambler-Kassa published at the 'play' market has multiple vulnerabilities...

0.5AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 8:48 a.m.12 views

Rambler Wear Navigation - Base64 encoded String, Customized SSL vulnerabilities

HackApp vulnerability scanner discovered that application Rambler Wear Navigation published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2016/01/18 8:33 a.m.5 views

m.search.rambler.ru XSS vulnerability

Vulnerable URL: http://m.search.rambler.ru/search?query='-prompt'XSSposed'-' Details: Description| Value ---|--- Patched:| Yes, at 23.02.2016 Latest check for patch:| 23.02.2016 01:33 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Googl...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/01/18 7:55 a.m.8 views

images.rambler.ru XSS vulnerability

Vulnerable URL: http://images.rambler.ru/search?query=xxx'-prompt'XSSposed'-' Details: Description| Value ---|--- Patched:| Yes, at 08.02.2016 Latest check for patch:| 08.02.2016 01:32 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Goog...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/01/18 6:42 a.m.7 views

video.rambler.ru XSS vulnerability

Vulnerable URL: http://video.rambler.ru/poisk/?query=%20%20%20%20%20%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C%2Fscript%3E%20%20%20%20%20%3Cimg%20src%3Dx%20onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E%20%20%20%20%20%3Cscript%20src%3Dhttps%3A%2F%2Fxssposed.org%2F1.js%3E Details: Description| Value ---|--...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/10/27 12:5 a.m.5 views

nova.rambler.ru XSS vulnerability

Vulnerable URL: http://nova.rambler.ru/search?query=XSS%27-alert%28%27XSSPOSED%27%29-%27 Details: Description| Value ---|--- Patched:| Yes, at 10.02.2016 Latest check for patch:| 10.02.2016 15:09 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

6.3AI score
Exploits0
Rows per page
Query Builder