EUVD-2025-3884

Malicious code in bioql PyPI...

CVE-2025-24691

Missing Authorization vulnerability in ctltwp People Lists people-lists allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects People Lists: from n/a through = 1.3.10...

facultypubs.library.ubc.ca Cross Site Scripting vulnerability OBB-3783510

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

lists.schools.apsc.ubc.ca Open Redirect vulnerability OBB-3711517

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

lists.sala.ubc.ca Open Redirect vulnerability OBB-3711513

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

lists.vancouver.engineering.ubc.ca Open Redirect vulnerability OBB-3711514

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

lists.mining.ubc.ca Open Redirect vulnerability OBB-3711512

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

lists.mhlp.ubc.ca Open Redirect vulnerability OBB-3711504

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ubcpress.ca Cross Site Scripting vulnerability OBB-2153217

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

forestat1.stat.ubc.ca Cross Site Scripting vulnerability OBB-1276132

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

licenses.library.ubc.ca Cross Site Scripting vulnerability OBB-1274765

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

shibboleth-sauder-ubc-csm.symplicity.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-983201 Security Researcher Elicx Helped patch 30 vulnerabilities Received 2 Coordinated Disclosure badges , a holder of 2 badges for responsible and coordinated disclosure, found a security vulnerability affecting shibboleth-sauder-ubc-csm.symplicity.com website and its...

tickets.ubc.ca XSS vulnerability

Open Bug Bounty ID: OBB-558172 Description| Value ---|--- Affected Website:| tickets.ubc.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

seminars.econ.ubc.ca XSS vulnerability

Open Bug Bounty ID: OBB-331256 Description| Value ---|--- Affected Website:| seminars.econ.ubc.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

aplaceofmind.ubc.ca XSS vulnerability

Open Bug Bounty ID: OBB-325752 Description| Value ---|--- Affected Website:| aplaceofmind.ubc.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

cdn.ubc.ca XSS vulnerability

Vulnerable URL: https://cdn.ubc.ca/clf/globalutility/index.php?jsoncallback=prompt/OPENBUGBOUNTY/...

ubc-group.fr XSS vulnerability

Open Bug Bounty ID: OBB-83698 Description| Value ---|--- Affected Website:| ubc-group.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

CVE-2006-5594

The CVE-2006-5594 entry concerns a PHP remote file inclusion vulnerability in University of British Columbia iPeer 2.0 (and possibly earlier). The issue allows an attacker to execute arbitrary PHP code by supplying a URL in the page parameter. This is the primary vulnerability described in the co...