70 matches found
CVE-2019-9550
DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS...
KB4038781: Windows 10 September 2017 Cumulative Update
The remote Windows host is missing security update 4038781. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables...
Fixed in Apache Tomcat 8.5.23
Important: Remote Code Execution CVE-2017-12617 When running with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any...
waitaki.govt.nz XSS vulnerability
Vulnerable URL: http://www.waitaki.govt.nz/our-council/consultation/easter-sunday-shop-trading/Pages/default.aspx?FollowSite=0=%27-confirm%27OPENBUGBOUNTY%27-%27 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
getaservicetrust.org XSS vulnerability
Vulnerable URL: http://getaservicetrust.org/events/eventsstatview.php?pecat=eventcat&catvalue=School%20Bag&url=%22/%3E%3Cscript%3Ealert/OPENBUGBOUNTY/;%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.12.2017 Vulnerability type:| XSS Vulnerability status:|...
Fixed in Apache Tomcat 9.0.1
Important: Remote Code Execution CVE-2017-12617 When running with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any...
allenproperties.net XSS vulnerability
Vulnerable URL: http://www.allenproperties.net/properties/listing.php?id=13'" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2320569 VIP website status:| No Coordinated Disclosure...
tracking.korecow.jp Open Redirect vulnerability
Vulnerable URL: http://tracking.korecow.jp/af/c81e728d9d4c2f636f067f89cc14862c/4f4adcbf8c6f66dcfc8a3282ac2bf10a/?r=data%3Atext%2Fhtml%3Bbase64%2CPHNjcmlwdD5hbGVydCgvT1BFTkJVR0JPVU5UWS8pPC9zY3JpcHQ%2B Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:|...
wonderfulmachine.com XSS vulnerability
Vulnerable URL: https://wonderfulmachine.com/ref?r=1=javascript:prompt/OPENBUGBOUNTY/; Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 31.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 465322 VIP website...
korea.clicads.com XSS vulnerability
Open Bug Bounty ID: OBB-317905 Description| Value ---|--- Affected Website:| korea.clicads.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
go.mihantafrih.com Open Redirect vulnerability
Vulnerable URL: http://go.mihantafrih.com/index.php?url=https://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.12.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...
pult.ru Open Redirect vulnerability
Vulnerable URL: http://www.pult.ru/bitrix//rk.php?id=1=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.12.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 59372 VIP website status:| No...
neusoccer.org XSS vulnerability
Vulnerable URL:...
funpers.com XSS vulnerability
Vulnerable URL: http://funpers.com/68355 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 650893 VIP website status:| No Coordinated Disclosure Timeline: Description| Value ---|---...
CVE-2017-14085
creationtimestamp| type| source ---|---|--- 2017-09-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42893...
dortmund.de XSS vulnerability
Open Bug Bounty ID: OBB-317066 Description| Value ---|--- Affected Website:| dortmund.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
petpassion.tv XSS vulnerability
Vulnerable URL: https://www.petpassion.tv/register/step-1 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 271854 VIP website status:| No Coordinated Disclosure Timeline: Description...
webstyles-portuguese.info Open Redirect vulnerability
Vulnerable URL: http://www.webstyles-portuguese.info/track.php?l=www.openbugbounty.org Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 26.12.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 18695758 VIP...
lufthansaexperts.com XSS vulnerability
Vulnerable URL: https://www.lufthansaexperts.com/?exec=registersite=29site=29=xxx=48 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1093045 VIP website status:| No Coordinated...
portugalinvest.pt XSS vulnerability
Vulnerable URL: http://www.portugalinvest.pt/pesquisa.php?codigo=1%22%3E%3Csvg%20onload=alert%27OPENBUGBOUNTY%27%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...