73 matches found
dornsife.usc.edu Cross Site Scripting vulnerability OBB-2865430
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
orsl.usc.edu Cross Site Scripting vulnerability OBB-2681581
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
oprs.usc.edu Cross Site Scripting vulnerability OBB-2681571
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2021-45031
A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...
CVE-2021-45031
A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...
CVE-2021-45031
A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...
Design/Logic Flaw
A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...
CVE-2021-45031 Weak Authentication in Login Function of USC+
A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...
CVE-2021-45031
CVE-2021-45031 affects MEPSAN’s USC+ prior to version 3.0. The vulnerability is a weakness in the login function that lets attackers generate passwords for high-privilege accounts, enabling potential unauthorized access and elevation of privileges. Reports consistently identify versions before 3....
MEPSAN USC Plus 安全漏洞
MEPSAN USC Plus is an automation system from MEPSAN Turkey. A security vulnerability exists in the USC+ functionality prior to MEPSAN USC Plus version 3.0. An attacker could generate passwords for highly privileged accounts...
vitsupport.vsoe.usc.edu Cross Site Scripting vulnerability OBB-2327849
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2020-28339
The usc-e-shop aka Collne Welcart e-Commerce plugin before 1.9.36 for WordPress allows Object Injection because of uscesunserialize. There is not a complete POP chain...
Design/Logic Flaw
The usc-e-shop aka Collne Welcart e-Commerce plugin before 1.9.36 for WordPress allows Object Injection because of uscesunserialize. There is not a complete POP chain...
CVE-2020-28339
CVE-2020-28339 affects the WordPress plugin Welcart e-Commerce (usc-e-shop) up to version 1.9.36. The issue is an authenticated PHP Object Injection via usces_unserialize, with the CVE description noting there is not a complete POP chain. Affected: plugin in WordPress; root cause: object injectio...
microsat.usc.edu Cross Site Scripting vulnerability OBB-1376091
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
usc-scv.ch Cross Site Scripting vulnerability OBB-1205591
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2020-11104
An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...
CVE-2020-11105
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...
CVE-2020-11105
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...
CVE-2020-11104
An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...