29 matches found
VulnCheck KEV: CVE-2015-5471
Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter...
Malicious code in @marcos_feitoza/timer-tracker-swim (npm)
The package @marcosfeitoza/timer-tracker-swim was found to contain malicious code...
MAL-2025-9097 Malicious code in @marcos_feitoza/timer-tracker-swim (npm)
The package @marcosfeitoza/timer-tracker-swim was found to contain malicious code...
ai.swim:swim-js (=3.10.0), ai.swim:swim-vm (=3.10.0) +3052 more potentially affected by CVE-2025-50106 via org.graalvm.sdk:graal-sdk (>=19.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =19.0.0, =0.0.1, =0.1.5, =0.1.5, =0.0.2, =0.0.2, =1.5.1, =1.0.0, =1.0.2, =1.0.0, =1.0.2, =1.0.2, =1.1.4 and more Source cves: CVE-2025-50106 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11998131...
ai.swim:swim-js (=3.10.0), ai.swim:swim-vm (=3.10.0) +3052 more potentially affected by CVE-2025-30754 via org.graalvm.sdk:graal-sdk (>=19.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =19.0.0, =0.0.1, =0.1.5, =0.1.5, =0.0.2, =0.0.2, =1.5.1, =1.0.0, =1.0.2, =1.0.0, =1.0.2, =1.0.2, =1.1.4 and more Source cves: CVE-2025-30754 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11023285...
ai.swim:swim-js (=3.10.0), ai.swim:swim-vm (=3.10.0) +3052 more potentially affected by CVE-2025-21587 via org.graalvm.sdk:graal-sdk (>=19.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =19.0.0, =0.0.1, =0.1.5, =0.1.5, =0.0.2, =0.0.2, =1.5.1, =1.0.0, =1.0.2, =1.0.0, =1.0.2, =1.0.2, =1.1.4 and more Source cves: CVE-2025-21587 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-9728156...
ai.swim:swim-js (=3.10.0), ai.swim:swim-vm (=3.10.0) +3052 more potentially affected by CVE-2025-30698 via org.graalvm.sdk:graal-sdk (>=19.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =19.0.0, =0.0.1, =0.1.5, =0.1.5, =0.0.2, =0.0.2, =1.5.1, =1.0.0, =1.0.2, =1.0.0, =1.0.2, =1.0.2, =1.1.4 and more Source cves: CVE-2025-30698 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-9728203...
swim-sm.eu Cross Site Scripting vulnerability OBB-3947982
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
web.metroswimshop.com Cross Site Scripting vulnerability OBB-3700620
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
swim-h2020.eu Cross Site Scripting vulnerability OBB-3311403
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
swim-sm.eu Cross Site Scripting vulnerability OBB-2897129
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
swim-school.auksys.com Cross Site Scripting vulnerability OBB-2567848
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
swim-performance.de Improper Access Control vulnerability OBB-2215906
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2019-1841 Cisco DNA Center Unintended Proxy Via SWIM Import Interface Vulnerability
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...
CVE-2019-1841 Cisco DNA Center Unintended Proxy Via SWIM Import Interface Vulnerability
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...
Cisco DNA Center Unintended Proxy Via SWIM Import Interface Vulnerability
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...
swim-media.com XSS vulnerability
Vulnerable URL: http://swim-media.com/?s=%27;alert/XSSPOSED///%27;alert/XSSPOSED///%22;alert/XSSPOSED///%22;alert/XSSPOSED///--%3E%3C/sCRipT%3E%22%3E%27%3E%3CsCRipT%3Ealert/XSSPOSED/%3C/sCRipT%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability...
boards.adultswim.com XSS vulnerability
Vulnerable URL: http://boards.adultswim.com/?lang=%27-prompt%28%27OPENBUGBOUNTY%27%29-%27 Details: Description| Value ---|--- Patched:| Yes, at 13.07.2017 Latest check for patch:| 13.07.2017 01:56 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
Path traversal
Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter...
CVE-2015-5471
Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter...