47473 matches found
Exploit for SQL Injection in Reputeinfosystems Bookingpress
CVE-2022-0739 Proof-of-Concept exploit SQLI BookingPress befo...
WordPress Photo Gallery 1.8.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
CVE-2022-28664
A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.The freshtomato-mips has a vulnerable URL-decoding feature that...
Cross-Site Request Forgery (CSRF)
Description An attacker is able to download data from a user via the CSV Export function. The export will include all the books on your shelves, books you have reviewed, and books with reading activity. Vulnerable URL https://bookwyrm.social/preferences/export/file Proof of Concept...
HackerOne: Stored XSS on www.hackerone.com due to deleted S3-bucket from old page_widget
A stored XSS vulnerability was found on www.hackerone.com due to a deleted S3-bucket from an old pagewidget. An attacker could claim the bucket and run JavaScript on the website, potentially allowing them to steal user data or perform actions on behalf of the user. The vulnerability was reported ...
CVE-2022-30387
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=payorder...
CVE-2022-28818
ColdFusion versions CF2021U3 and earlier and CF2018U13 are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...
abelardoluz.sc.gov.br Cross Site Scripting vulnerability OBB-2587265
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| abelardoluz.sc.gov.br ---|--- Open Bug...
U.S. Dept Of Defense: [CVE-2020-3452] Unauthenticated file read in Cisco ASA
i found out that https://█████████/ was vulnerable to CVE-2020-3452 The IP has a SSL certificate pointing to █████████ curl -kv https://██████████/ Output Server certificate: subject: C=US; ████.mil Impact Anyone can read any file present on the server. System Hosts ███ Affected Products and...
ncagr.gov Cross Site Scripting vulnerability OBB-2396168
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| ncagr.gov ---|--- Open Bug Bounty...
Xerte 3.10.3 - Directory Traversal (Authenticated) Exploit
Exploit Title: Xerte 3.10.3 - Directory Traversal Authenticated Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.9.zip Version: up until 3.10.3 Tested on: Windows 10 XAMP CVE : CVE-2021-44665...
Xerte 3.10.3 - Directory Traversal (Authenticated)
Exploit Title: Xerte 3.10.3 - Directory Traversal Authenticated Date: 05/03/2021 Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.9.zip Version: up until 3.10.3 Tested on: Windows 10 XAMP CVE ...
All Vulnerabilities for alt.staroost.gov.ua Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| alt.staroost.gov.ua ---|--- Open Bug...
All Vulnerabilities for krozero.mk.gov.ua Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| krozero.mk.gov.ua ---|--- Open Bug Boun...
All Vulnerabilities for vitovska.mk.gov.ua Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| vitovska.mk.gov.ua ---|--- Open Bug...
All Vulnerabilities for vl.arbitr.gov.ua Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| vl.arbitr.gov.ua ---|--- Open Bug Bount...
All Vulnerabilities for zk.arbitr.gov.ua Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| zk.arbitr.gov.ua ---|--- Open Bug Bount...
All Vulnerabilities for mykolayiv.mk.gov.ua Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| mykolayiv.mk.gov.ua ---|--- Open Bug...
All Vulnerabilities for vrad.mk.gov.ua Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| vrad.mk.gov.ua ---|--- Open Bug Bounty...
All Vulnerabilities for bonnie.mk.gov.ua Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| bonnie.mk.gov.ua ---|--- Open Bug Bount...