36 matches found
MAL-2025-47562 Malicious code in my-test-module-first-vespero1017-santiago (npm)
The package my-test-module-first-vespero1017-santiago was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 33810a758a26fa95007474f7ff42b136af0c4dddd650622180f655a72748472d Any computer that has this package installed or running should...
santiagodominicana.com Cross Site Scripting vulnerability OBB-3655448
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
santiagodecompostela.org Cross Site Scripting vulnerability OBB-2855620
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Imperva® Opens the first dedicated DDoS scrubbing center in Santiago, Chile
Imperva is excited to be further expanding our presence in Latin America by launching a new Point of Presence PoP in Santiago, Chile, in partnership with leading Chilean Telecommunications provider Entel Corporations. Located within Entel’s gold-standard Ciudad de Los Valles datacenter, which has...
TemaTres 3.0 - value Persistent Cross-site Scripting
TemaTres 3.0 - value Persistent Cross-site Scripting Exploit Title: TemaTres 3.0 - 'value' Persistent Cross-site Scripting Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source:...
TemaTres 3.0 - (value) Persistent Cross-site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: TemaTres 3.0 - 'value' Persistent Cross-site Scripting Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source:...
TemaTres 3.0 - Cross-Site Request Forgery (Add Admin)
TemaTres 3.0 - Cross-Site Request Forgery Add Admin Exploit Title: TemaTres 3.0 — Cross-Site Request Forgery Add Admin Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source:...
TemaTres 3.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title: TemaTres 3.0 — Cross-Site Request Forgery Add Admin Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source: https://sourceforge.net/projects/tematres/files/TemaTres%203.0/tematres3.0.zip/download Version: 3.0 CVE : 2019–14345...
oXygen XML Editor 21.1.1 XML Injection
Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version: 21.1.1 CVE : N/A Tested on: Windows 7 PoC 1- python -m...
oXygen XML Editor 21.1.1 - XML External Entity Injection Vulnerability
Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version: 21.1.1 CVE : N/A Tested on: Windows 7 PoC 1- python -m SimpleHTTPServer 8000...
Joomla 3.9.13 Host Header Injection
Exploit Title: Joomla 3.9.13 - 'Host' Header Injection Author: Pablo Santiago Date: 2019-11-12 Vendor Homepage: https://www.joomla.org/ Source: https://downloads.joomla.org/cms/joomla3/3-9-13/Joomla3-9-13-Stable-FullPackage.zip?format=zip Version: 3.9.13 CVE : N/A Tested on: Windows 10 PoC curl...
Flexense DiskBoss 9.1.16 Cross Site Scripting
Description: URL: l ocalhost/ Affected Component: /?n0ipr0csalert'XSS'n0ipr0cs=1 Vulnerability Type: Cross Site Scripting https://cwe.mitre.org/data/definitions/79.html Vendor of Product: Flexense-DiskBoss Version: v7.4.28 to v9.1.16 Attack Type: Remote Impact: This attack allows an attacker code...
Flexense DiskPulse 10.7 Cross Site Scripting
Description: URL: localhost/ Affected Component: /?n0ipr0csalert'XSS'n0ipr0cs=1 Vulnerability Type: Cross Site Scripting https://cwe.mitre.org/data/definitions/79.html Vendor of Product: Flexense DiskPulse Version: from v10.4 to v10.7. Attack Type: Remote Impact: This attack allows an attacker co...
Debian LTS: Security Advisory for tzdata (DLA-856-1)
This update includes the changes in tzdata 2017a. Notable changes are: - Mongolia no longer observes DST. - Magallanes region diverges from Santiago starting 2017-05-13, the America/PuntaArenas zone has been added. This VT has been deprecated as it doesn SPDX-FileCopyrightText: 2018 Greenbone AG...
santiago-putumayo.gov.co XSS vulnerability
Open Bug Bounty ID: OBB-247040 Description| Value ---|--- Affected Website:| santiago-putumayo.gov.co Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
santiago-nortedesantander.gov.co XSS vulnerability
Open Bug Bounty ID: OBB-246417 Description| Value ---|--- Affected Website:| santiago-nortedesantander.gov.co Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6....
Babylon Translator Cross Site Scripting
I. VULNERABILITY ------------------------- Vulnerability Cross-Site Scripting XSS II. PROOF OF CONCEPT ------------------------- URL: 1. http://espanol.babylon-software.com/bht/index.html?trid= 2. http://traductor.babylon-software.com/ingles/a-espanol/ 3...
Santiago Pontiroli and Roberto Martinez on ATM Jackpotting
Threatpost editor Mike Mimoso talks with Roberto Martinez and Santiago Pontiroli, researchers with Kaspersky Lab’s Global Research and Analysis Team GReAT about ATM malware, jackpotting, and why it works so well in Latin America...
tiendeo.cl XSS vulnerability
Vulnerable URL: http://www.tiendeo.cl/santiago/busqueda/1"confirm"XSSPOSED"" Details: Description| Value ---|--- Patched:| Yes, at 01.04.2016 Latest check for patch:| 01.04.2016 01:24 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 155631 Google Pagerank| 0 VIP...
Joomla! Component com_docman - Multiple Vulnerabilities
Joomla! Component comdocman - Multiple Vulnerabilities Joomla docman Component 'comdocman' Full Path DisclosureFPD & Local File Disclosure/IncludeLFD/LFI CWE: CWE-200FPD CWE-98LFI/LFD Risk: High Author: Hugo Santiago dos Santos Contact: [email protected] Date: 13/07/2015 Vendor Homepage:...