117 matches found
surf-centrum.cz Cross Site Scripting vulnerability OBB-3376117
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
surf-centrum.cz Cross Site Scripting vulnerability OBB-3252953
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
surf-report.com Cross Site Scripting vulnerability OBB-3135814
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
surf-centrum.cz Cross Site Scripting vulnerability OBB-2864428
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
surfersparadiseslsc.com.au Cross Site Scripting vulnerability OBB-2838020
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
surf-report.com Cross Site Scripting vulnerability OBB-2815112
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
snow.surfreport.it Cross Site Scripting vulnerability OBB-2651384
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Time-Based One-Time Password Algorithm (TOPT) Replay Attack
devise-two-factor is vulnerable to time-based one-time password algorithm TOPT replay attacks. A remote attacker is able to reuse the one-time-password immediately trailing the interval in order to gain access to the victim's account given that the attacker already knows the victim's credentials...
mauisunsandsurfcondos.com Cross Site Scripting vulnerability OBB-1432876
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
kansassurf.com Cross Site Scripting vulnerability OBB-1381674
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2012-0842
surf: cookie jar has read access from other local user...
Code injection
surf: cookie jar has read access from other local user...
CVE-2012-0842
CVE-2012-0842 affects surf: the cookie jar can be read by a local user, enabling potential private cookie disclosure. The available documents describe the issue and its local access impact but do not provide exploitation details or remediation guidance.
The Brave Browser Extends Its Payouts to iOS
Nearly four years after Brave proposed paying users to surf the web, that vision is finally coming to the iPhone...
surf-report.com XSS vulnerability
Open Bug Bounty ID: OBB-607966 Description| Value ---|--- Affected Website:| surf-report.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Santa Runner :Xmas Subway Surf - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Santa Runner :Xmas Subway Surf published at the 'play' market has multiple vulnerabilities...
Mr-Bean Surf - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Mr-Bean Surf published at the 'play' market has multiple vulnerabilities...
MSW Surf Forecast - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application MSW Surf Forecast published at the 'play' market has multiple vulnerabilities...
devise-two-factor 1.1.0 and earlier vulnerable to replay attacks
A OTP replay vulnerability in devise-two-factor 1.1.0 and earlier allows local attackers to shoulder-surf a user's TOTP verification code and use it to login after the user has authenticated. By not "burning" a previously used TOTP, devise-two-factor allows a narrow window of opportunity aka the...
Snapchat's CAPTCHA Hacked in 30 Minutes, 100 Line of Code
It was only going to be a matter of time before someone figured out a way past Snapchat’s new CAPTCHA verification method. Just one day after the photo sharing application announced its latest security measure, one researcher claimed Wednesday that he was able to hack it with as few as 100 lines ...