EUVD-2024-50035

Malicious code in bioql PyPI...

Notice of Change Announcement: EOL MicroApps

Citrix Systems announces End of Maintenance EOM and End of Life EOL milestones for MicroApps. The milestones are provided in accordance with the guidelines established by the Citrix Product Lifecycle Support Policy. Microapps service deprecation The announcements in this article are intended to...

Acronis: Self XSS in attachments name

Hello Gents, + While testing account.acronis.com I found that I could inject XSS payload in attachments name at "Support requests" . Steps to Reproduce: 1. Please Login at account.acronis.com. 2. From support request, support a new case. 3. Expand Case ID, Leave a comment for support professional...

Acronis: XSS in (Support Requests) : User Cases

Stored XSS was possible on https://www.acronis.com/en-us/my/cases/index.html via support case sent to https://support.acronis.com...

Rockstar Games: Found CSRF Vulnerability in https://support.rockstargames.com/

In this report, the researcher found a CSRF vulnerability that potentially allowed an attacker to spam false support requests. This issue was resolved in a site update...

The TigerText Free Consumer Private Texting App (iOS) sends unencrypted user information in support requests

Overview The TigerText Free Consumer Private Texting App iOS sends unencrypted user information to TigerText support. Description The TigerText app generates an unencrypted log file containing the TigerText username and password on the device when a user taps on "Contact Customer Support." An ema...

JonDo 00.16.001 Released - Automatic error recognition and easier usability

JonDo 00.16.001 Released - Automatic error recognition and easier usability JonDos publishes a new version of the JonDo-Software, an IP changer and IP anonymization program, that you can use for anonymous surfing in the Internet with high security anonymous proxy servers. What is JonDo? JonDo is ...

Eventum Issue Tracking System 2.3.1 stored XSS

Exploit for php platform in category web applications Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info:...

eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting

Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info: Eventum is a user-friendly and flexible issue tracking...

Online Work Order System (OWOS) Professional Edition - Authentication Bypass

Online Work Order System OWOS Professional Edition - Authentication Bypass Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: Onlinetechtools OWOS: Professional Edition? Authentication Bypass Vulnerability Version:2.10 Price:900$ Vendor url:http://www.onlinetechtools.com Published...