CVE-2024-52345

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RobertoAlicata raqrcode ra-qrcode allows Stored XSS.This issue affects raqrcode: from n/a through = 2.1.0...

WordPress Mobile Pack Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Mobile Pack Information Disclosure Vulnerability', 'Description' = %q This module exploits an information disclosure vulnerability in...

roberto-montano.com Cross Site Scripting vulnerability OBB-3904877

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

roberto-design.com Cross Site Scripting vulnerability OBB-3654843

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

robertoconcepcion.com Cross Site Scripting vulnerability OBB-3654842

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

roberto-design.com Cross Site Scripting vulnerability OBB-3226270

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

好奇心旺盛、革新的、創造的、コミュニティ主導型:Cyb3rWard0g、ロベルトロドリケスに会う

本ブログは、Curious, Innovative, Creative, Community Driven: Meet Cyb3rWard0g, Roberto Rodriquez の抄訳版です。最新の情報は原文を参照してください。 大きく...

Curious, Innovative, Creative, Community Driven: Meet Cyb3rWard0g, Roberto Rodriquez

When I grow up I want to be? Dancer or a veterinarian Happiest memories: Tearing up the dance floor at weddings and playing soccer in the streets of Lima, Peru Previous Job roles: Mopped floors for McDonalds, packed boxes at an Avon warehouse, Manager at Olive Garden, Beer taster/server and then...

Curious, Innovative, Creative, Community Driven: Meet Cyb3rWard0g, Roberto Rodriquez

When I grow up I want to be? Dancer or a veterinarian Happiest memories: Tearing up the dance floor at weddings and playing soccer in the streets of Lima, Peru Previous Job roles : Mopped floors for McDonalds, packed boxes at an Avon warehouse, Manager at Olive Garden, Beer taster/server and then...

Curious, Innovative, Creative, Community Driven: Meet Cyb3rWard0g, Roberto Rodriquez

When I grow up I want to be? Dancer or a veterinarian Happiest memories: Tearing up the dance floor at weddings and playing soccer in the streets of Lima, Peru Previous Job roles : Mopped floors for McDonalds, packed boxes at an Avon warehouse, Manager at Olive Garden, Beer taster/server and then...

roberto-spode.de Cross Site Scripting vulnerability OBB-2721645

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Grafiki - Threat Hunting Tool About Sysmon And Graphs

Grafiki is a Django project about Sysmon and graphs, for the time being. In my opinion EventViewer, Elastic and even Kibana, are not graphic enough. The current threats are complicated and if attackers think in graphs, defenders also must do it. This is a proof of concept, the code was not debugg...

roberto-design.com Cross Site Scripting vulnerability OBB-2615933

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

robertoverino.com Cross Site Scripting vulnerability OBB-2319680

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

RogueWinRM - Windows Local Privilege Escalation From Service Account To System

RogueWinRM is a local privilege escalation exploit that allows to escalate from a Service account with SeImpersonatePrivilege to Local System account if WinRM service is not running default on Win10 but NOT on Windows Server 2019. Briefly, it will listen for incoming connection on port 5985 fakin...

AVAST SecureLine 5.5.522.0 Unquoted Service Path

Exploit Title: AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-03-24 Vendor Homepage:https://www.avast.com/ Software Link :https://www.avast.com/es-mx/download-thank-you.php?product=SLN&locale=es-mx Tested Version: 5.5.522.0...

HP System Event 1.2.9.0 Unquoted Service Path

Exploit Title: HP System Event 1.2.9.0 - 'HPWMISVC' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-02-14 Vendor Homepage:https://www8.hp.com/mx/es/home.html Software Link:ftp://ftp.hp.com/pub/softpaq/sp70001-70500/sp70439.exe HP Development Company, L.P. Tested Version:...

Mordor - Re-play Adversarial Techniques

The Mordor project provides pre-recorded security events generated by simulated adversarial techniques in the form of JavaScript Object Notation JSON files for easy consumption. The pre-recorded data is categorized by platforms, adversary groups, tactics and techniques defined by the Mitre ATT&CK...

roberto-romero.com XSS vulnerability

Open Bug Bounty ID: OBB-708832 Description| Value ---|--- Affected Website:| roberto-romero.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidd...

roberto-romero.com XSS vulnerability

Open Bug Bounty ID: OBB-660200 Description| Value ---|--- Affected Website:| roberto-romero.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...