33 matches found
EUVD-2025-10630
Malicious code in bioql PyPI...
Malicious code in down-load-available-zip-now-the-world-has-made-me-the-man-of-my-dreams-gqtk0-kllgfr (npm)
The package down-load-available-zip-now-the-world-has-made-me-the-man-of-my-dreams-gqtk0-kllgfr was found to contain malicious code...
CVE-2025-31388
Cross-Site Request Forgery CSRF vulnerability in doa The World the-world allows Stored XSS.This issue affects The World: from n/a through = 0.4...
CVE-2025-31388
Cross-Site Request Forgery CSRF vulnerability in doa The World the-world allows Stored XSS.This issue affects The World: from n/a through = 0.4...
CVE-2025-31388 WordPress The World plugin <= 0.4 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in doa The World the-world allows Stored XSS.This issue affects The World: from n/a through = 0.4...
CVE-2025-31388
CVE-2025-31388: CSRF to Stored XSS in The World WordPress plugin is documented with affected version range (n/a–0.4) and a CVSS v3.1 base score of 7.1. Connected sources do not provide a product fix or exploit details; no remediation is specified in the provided documents.
Exploit for Protection Mechanism Failure in 7-Zip
🚀 7-Zip-CVE-2025-0411-POC Repository Welcome to the official...
MAL-2024-9337 Malicious code in ava-ilable-down-load-mp3-today-50529-lets-change-the-world-with-music-cx2zi-xhskuv (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df195ac8737511909f9fe9908cbb3c0cc9287f38837903e901667ca3ac686141 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
dive-the-world.com Cross Site Scripting vulnerability OBB-3552871
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Heather Mills Gets An Apology and 'Substantial' Settlement in Spyware Case
The 2010-2011 News of the World phone hacking scandal – in which it was revealed that the tabloid dropped malware on celebrity targets’ phones in order to gather dirt for news stories – is still playing out in court. The latest is a settlement for a “substantial” sum paid to Heather Mills and her...
discover-the-world.com XSS vulnerability
Open Bug Bounty ID: OBB-705553 Description| Value ---|--- Affected Website:| discover-the-world.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
the-world-2.gamerch.com XSS vulnerability
Open Bug Bounty ID: OBB-645506 Description| Value ---|--- Affected Website:| the-world-2.gamerch.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Uber: Hack The World 2017 Top 2 Bonus
Thanks for your participation in Hack the World 2017, @nutellite!...
TV broadcasts in California interrupted to show “end of the world” alert
By Waqas Gear up for Armageddon- Strange Warning Messages Startled TV Viewers This is a post from HackRead.com Read the original post: TV broadcasts in California interrupted to show end of the world alert...
HackerOne in the third quarter TOP 5 vulnerability report-vulnerability warning-the black bar safety net
Foreword HackerOne in the third quarter TOP 5 vulnerability reports are coming announced. In this season, we participated in the Vegas hacker conference, hosted Hacked the World, and in the Reddit discussion above, some of the HackerOne problem. HackerOne vulnerability report from platform to...
Winx Club: Rocks the World - Base64 encoded String, Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Winx Club: Rocks the World published at the 'play' market has multiple vulnerabilities...
The World Browser 3.0 Final Remote Code Execution
!/usr/bin/php ?php Author : Ehsan Noreddini E-Mail : [email protected] Social : @prot3ct0r Title : The World Browser Remote Code Execution TheWorld Browser is a tiny, fast and powerful web Browser. It is completely free. There is no function limitation. Version : 3.0 Final Date : 22 October 2015 CVE...
CVE-2014-6913
The Dive The World aka com.paperton.wl.divetheworld application 1.53 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6913
CVE-2014-6913 affects the Android app Dive The World (package com.paperton.wl.divetheworld) version 1.53. The vulnerability is that the app does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and exfiltrate sensitive information via a crafted...
Fedora Update for ksirk FEDORA-2013-10182
Check for the Version of ksirk OpenVAS Vulnerability Test Fedora Update for ksirk FEDORA-2013-10182 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...