21 matches found
Malicious code in rambler-id (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d88b84167baafecc35066da4403daf40828ae3e5e178b06cb0d27c85670839c The OpenSSF Package Analysis project identified 'rambler-id' @ 91.9.9...
MAL-2025-5657 Malicious code in rambler-id (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d88b84167baafecc35066da4403daf40828ae3e5e178b06cb0d27c85670839c The OpenSSF Package Analysis project identified 'rambler-id' @ 91.9.9...
MAL-2024-11278 Malicious code in @rambler-help/shared (npm)
--- -= Per source details. Do not edit below this line.=-...
Technician Indicted for Hacking California Water Treatment Facility
By Deeba Ahmed The jury has charged Rambler Gallo with one count of transmitting a program, information, code, and command to cause damage to a protected computer. This is a post from HackRead.com Read the original post: Technician Indicted for Hacking California Water Treatment Facility...
RSS for Yandex Turbo < 1.30 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin did not properly sanitise the user inputs from its Счетчики settings tab before outputting them back in the page, leading to authenticated stored Cross-Site Scripting issues PoC As admin, Navigate to Setting Яндекс.Турбо Счетчики and enter a payload such as " onmouseover="alert1 into a...
RSS for Yandex Turbo < 1.30 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin did not properly sanitise the user inputs from its Счетчики settings tab before outputting them back in the page, leading to authenticated stored Cross-Site Scripting issues As admin, Navigate to Setting Яндекс.Турбо Счетчики and enter a payload such as " onmouseover="alert1 into all t...
Scam Alert: You've Been Selected for 'Like of the Year 2020' Cash Prizes
Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card information. According to researchers at Group-IB, the multi-stage phishing attack exploited the credibility o...
NGINX office in Moscow raided by police
By Waqas Russian authorities have raided NGINX offices in Moscow over a complaint filed by Rambler. Here's what happened: This is a post from HackRead.com Read the original post: NGINX office in Moscow raided by police...
Russian Police Raided NGINX Moscow Office, Detained Co-Founders
Seems like Rambler filled copyright claim to @isysoev regarding @nginx, nginx office under police raid unconfirmed. Originally posted by @igorippolitov , but somebody asked him to remove his post. pic.twitter.com/76mBNtV31G...
Russian Police Raided NGINX Moscow Office, Detained Co-Founders
Seems like Rambler filled copyright claim to @isysoev regarding @nginx, nginx office under police raid unconfirmed. Originally posted by @igorippolitov , but somebody asked him to remove his post. pic.twitter.com/76mBNtV31G...
games.rambler.ru XSS vulnerability
Open Bug Bounty ID: OBB-635401 Description| Value ---|--- Affected Website:| games.rambler.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
vwo.osm.rambler.ru XSS vulnerability
Open Bug Bounty ID: OBB-565314 Description| Value ---|--- Affected Website:| vwo.osm.rambler.ru Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure...
supermarket.rambler.ru XSS vulnerability
Vulnerable URL: http://supermarket.rambler.ru/search/?query="'--! Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated...
top100.rambler.ru XSS vulnerability
Vulnerable URL: http://top100.rambler.ru/?query=%22%3E%22%3Csvg%20onload=alert%28/OPENBUGBOUNTY/%29%3E%20=lol Details: Description| Value ---|--- Patched:| Yes, at 14.09.2016 Latest check for patch:| 14.09.2016 10:54 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...
Rambler-Kassa - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Rambler-Kassa published at the 'play' market has multiple vulnerabilities...
Rambler Wear Navigation - Base64 encoded String, Customized SSL vulnerabilities
HackApp vulnerability scanner discovered that application Rambler Wear Navigation published at the 'play' market has multiple vulnerabilities...
m.search.rambler.ru XSS vulnerability
Vulnerable URL: http://m.search.rambler.ru/search?query='-prompt'XSSposed'-' Details: Description| Value ---|--- Patched:| Yes, at 23.02.2016 Latest check for patch:| 23.02.2016 01:33 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Googl...
images.rambler.ru XSS vulnerability
Vulnerable URL: http://images.rambler.ru/search?query=xxx'-prompt'XSSposed'-' Details: Description| Value ---|--- Patched:| Yes, at 08.02.2016 Latest check for patch:| 08.02.2016 01:32 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Goog...
video.rambler.ru XSS vulnerability
Vulnerable URL: http://video.rambler.ru/poisk/?query=%20%20%20%20%20%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C%2Fscript%3E%20%20%20%20%20%3Cimg%20src%3Dx%20onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E%20%20%20%20%20%3Cscript%20src%3Dhttps%3A%2F%2Fxssposed.org%2F1.js%3E Details: Description| Value ---|--...
nova.rambler.ru XSS vulnerability
Vulnerable URL: http://nova.rambler.ru/search?query=XSS%27-alert%28%27XSSPOSED%27%29-%27 Details: Description| Value ---|--- Patched:| Yes, at 10.02.2016 Latest check for patch:| 10.02.2016 15:09 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...