Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

Hacker One
Hacker Oneadded 2014/10/31 2:49 a.m.11 views

Uzbey: test

test...

1.1AI score
Exploits0
Hacker One
Hacker Oneadded 2014/10/29 6:57 a.m.14 views

Uzbey: Test

aaa...

1.5AI score
Exploits0
Hacker One
Hacker Oneadded 2014/10/29 6:48 a.m.23 views

Uzbey: Test

a...

1AI score
Exploits0
Hacker One
Hacker Oneadded 2014/08/08 4:22 a.m.18 views

Uzbey: SQL Injection

https://staging.uzbey.com/rotate-image?fid=2841+and+substringversion,1,1=4 FALSE https://staging.uzbey.com/rotate-image?fid=2841+and+substringversion,1,1=5 TRUE https://staging.uzbey.com/rotate-image?fid=2841+and+1=1+order+by+1-- TRUE...

0.4AI score
Exploits0
Hacker One
Hacker Oneadded 2014/08/08 4:7 a.m.15 views

Uzbey: XSS in 3rd party plugin (not affecting Uzbey's users)

Uzbey currently using a 3rd party solution from sharethis.com to share user's album. It is possible to use this function as a medium to attack sharethis.com's users that using Uzbey service. 1- Create album using XSS payload 2- Share the album using Email function letter icon 3- XSS will execute...

3.1AI score
Exploits0
Hacker One
Hacker Oneadded 2014/06/23 11:46 a.m.19 views

Uzbey: Clickjacking at https://staging.uzbey.com/

hi, i found your site is vulnerable to clickjacking. poc: testing frame opacity: 0.5; border: none; position: absolute; top: 0px; left: 0px; z-index: 1000; window.onbeforeunload = function return " Do you want to leave ?"; site is vulnerable for Clickjacking! by Vineet bhardwaj please check the...

0.6AI score
Exploits0
Hacker One
Hacker Oneadded 2014/06/23 9:42 a.m.17 views

Uzbey: Cross site scripting in type parameter

https://staging.uzbey.com/crop-image?fid=1996&type=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E click the above url and you can able to view the pop up...

0.1AI score
Exploits0
Hacker One
Hacker Oneadded 2014/06/23 8:13 a.m.91 views

Uzbey: CMS Information Disclosure

Hi, I noticed that the CHANGELOG.txt disclose Drupal vesion. It might help an attacker to perform information gathering and help an attacker to find the vulnerabilties from the version. PoC: https://staging.uzbey.com/CHANGELOG.txt...

1.2AI score
Exploits0
Hacker One
Hacker Oneadded 2014/06/22 10:41 p.m.15 views

Uzbey: Cross-site scripting vulnerability detected

It was possible to identify a XSS vuln. at this address: https://staging.uzbey.com parameter: ?q=user...

0.3AI score
Exploits0
Hacker One
Hacker Oneadded 2014/06/22 10:12 p.m.17 views

Uzbey: Missing HSTS (Strict Transport Security)

https://www.ssllabs.com/ssltest/analyze.html?d=https://staging.uzbey.com Reference: http://en.wikipedia.org/wiki/HTTPStrictTransportSecurity https://www.owasp.org/index.php/HTTPStrictTransportSecurity http://dev.chromium.org/sts...

7.1AI score
Exploits0
Hacker One
Hacker Oneadded 2014/06/22 9:59 p.m.14 views

Uzbey: Album image XSS

There's an XSS in the album script caused by insufficient escaping of double quotes. PoC: https://staging.uzbey.com/album/image/679/1139%22%3E%3Ch1%3ESurprise!%3Cimg%20src=0%20onerror=%22alertdocument.domain%22%3E...

0.6AI score
Exploits0
Rows per page
Query Builder