72 matches found
scooter.lnk.to XSS vulnerability
Open Bug Bounty ID: OBB-652228 Description| Value ---|--- Affected Website:| scooter.lnk.to Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2018-0384
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...
Design/Logic Flaw
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...
CVE-2018-0384
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...
CVE-2018-0384
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...
CVE-2018-0384
The CVE-2018-0384 entry describes a vulnerability in the Cisco FireSIGHT System Software detection engine where TCP packets arriving out of order during a TCP SYN retransmission are mishandled, allowing an unauthenticated, remote attacker to bypass a URL-based access control policy. The impact is...
Cisco FireSIGHT System Software URL-Based Access Control Policy Bypass Vulnerability
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...
festicket.com XSS vulnerability
Open Bug Bounty ID: OBB-644804 Description| Value ---|--- Affected Website:| festicket.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
relook.ru XSS vulnerability
Open Bug Bounty ID: OBB-633597 Description| Value ---|--- Affected Website:| relook.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Directory Traversal
fbr-client is vulnerable to directory traversal attacks. The attacks are possible by requesting a URL such as /..%2f..%2fetc/passwd to get sensitive information...
myaposhop.de XSS vulnerability
Open Bug Bounty ID: OBB-599270 Description| Value ---|--- Affected Website:| myaposhop.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
bdlaws.minlaw.gov.bd XSS vulnerability
Open Bug Bounty ID: OBB-564427 Description| Value ---|--- Affected Website:| bdlaws.minlaw.gov.bd Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
2gis.ru XSS vulnerability
Open Bug Bounty ID: OBB-564143 Description| Value ---|--- Affected Website:| 2gis.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2017-1000404
The Jenkins Delivery Pipeline Plugin version 1.0.7 and earlier used the unescaped content of the query parameter 'fullscreen' in its JavaScript, resulting in a cross-site scripting vulnerability through specially crafted URLs...
GHSA-JWHV-RGQC-FQJ5 Session fixation vulnerability in Rails
Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions."...
Moderate severity vulnerability that affects rails
Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions."...
de.kompass.com XSS vulnerability
Vulnerable URL: http://de.kompass.com/searchCompanies?searchType=SUPPLIER='"--alert/XSSPOSED/...
bahlsen.de XSS vulnerability
Vulnerable URL: http://www.bahlsen.de/de/suche?q=%22%3E%3Csvg%20onload%3Dalert%28%22XSSPOSED%22%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 487242 Google Pagerank| 4 VIP...
CVE-2014-9180
Open redirect vulnerability in go.php in Eleanor CMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the QUERYSTRING...
ET - Chat Password Reset Security Bypass
source: https://www.securityfocus.com/bid/66149/info ET - Chat is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. ET - Chat 3.0.7 is vulnerable; other...