Exposure Of Sensitive Information To An Unauthorized Actor

silverstripe/userforms is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. This vulnerability is due to insufficient authorization checks in submission notification emails, potentially enabling an attacker to access sensitive files uploaded through the forms without prope...

CVE-2020-36410

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module...

ads.tmbpublishing.com Open Redirect vulnerability

Vulnerable URL: http://ads.tmbpublishing.com/openx/www/delivery/ck.php?dest=https://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.09.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

Threat Outbreak Alert: Fake Online Submission Notification Email Messages on July 22, 2013

Medium Alert ID: 30165 First Published: 2013 July 22 16:23 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an online submission receipt notification for the recipient. The text in the email message attempts to persuade t...

eSyndiCat Input Validation Error Vulnerability

eSyndiCat is Directory websystem, a product of eSyndiCat.com It has security hole allow attackers get admin and more and more. Infected version: eSyndiCat Pro v1.x Infected file: manage-admins.php Use poc file to attack: ------------------------------------------------ pDiscovered by H2P - A memb...