8 matches found
Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven't set up their new accounts. Experts say malicious hackers learned they could commandee...
DeFi Hack Alert: Squarespace Domains Vulnerable to DNS Hijacking
DeFi apps on Squarespace are vulnerable to a DNS hijacking attack that redirects users to malicious sites. Over…...
MAL-2024-3047 Malicious code in squarespace-abtest (npm)
Stripe: [Broken Access Control] Unauthorized Linking accounts & Linked Accounts info Disclosure
@mrasg discovered that users of an account with member permissions were improperly allowed to see activated linked accounts and connect new carts to the account. I discovered a vulnerability that allows the user who has member privileges to connect new carts to the Taxjar account, like...
5 Themes for Product Security and Fostering Organizational Growth
In this article we would like to review what Raj Umadas, Product Security Manager at Compass, shared during our recent webinar, highlighting recurring themes that have led to impactful collaborations and organizational risk reduction. Product security (ProdSec) is crucial in the process of growi...
WAFW00F v1.0.0 - Detect All The Web Application Firewall!
WAFW00F identifies and fingerprints Web Application Firewall (WAF) products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...
natalidelconte.squarespace.com Open Redirect vulnerability
Vulnerable URL: http://natalidelconte.squarespace.com/process/RedirectN?url=https://www.openbugbounty.org
Details:
Description | Value
---|---
Patched: | Yes, at 01.12.2016
Latest check for patch: | 01.12.2016 17:55 GMT
Vulnerability type: | Open Redirect
Vulnerability status: | Publicly disclosed
Ale...
Squarespace Cross Site Scripting
Exploit Title: Squarespace Cross Site Scripting
Date: 26.02.2012
Author: Sony
Software Link: http://www.squarespace.com/
Google Dorks: powered by squarespace site:edu or org or com or what you want
Web Browser: Mozilla Firefox
Blog: http://st2tea.blogspot.com
PoC:...