14397 matches found
CVE-2025-31122 scratch-coding-hut.github.io Login Links Generation vulnerability
scratch-coding-hut.github.io is the website for Coding Hut. In 1.0-beta3 and earlier, the login link can be used to login to any account by changing the username in the username field...
Lichess: Direct IP Access to Website
Summary: The website is accessible directly via its IP address 37.187.205.99, which may bypass domain-based security policies and expose potential misconfigurations. Steps To Reproduce: 1. Open a web browser and enter the IP address: http://37.187.205.99 2. Observe that it loads the main website...
arika.org.uk Cross Site Scripting vulnerability OBB-4041204
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
camaraerere.ce.gov.br Cross Site Scripting vulnerability OBB-4041019
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
antiquingonline.com Cross Site Scripting vulnerability OBB-4040586
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dokishop.ro Cross Site Scripting vulnerability OBB-4040275
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
docs.studip.de Cross Site Scripting vulnerability OBB-4040240
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2025-1203
CVE-2025-1203 – MetaSlider Slider, Gallery, and Carousel (WordPress) ≤ 3.94.0 Issue: The Slider, Gallery, and Carousel by MetaSlider plugin does not sufficiently sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., editors) even when unfiltered_html is disallowed (...
blog.uniderp.com.br Cross Site Scripting vulnerability OBB-4038583
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
best-western-inn-95490-4404.allhotelscalifornia.com Cross Site Scripting vulnerability OBB-4038520
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
vbrdistrict5.com Cross Site Scripting vulnerability OBB-4038277
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
atacsantos.com.br Cross Site Scripting vulnerability OBB-4038192
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
alejandria-resort.hoteles-santander.com Cross Site Scripting vulnerability OBB-4037483
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
autofachmann-autokaufmann.de Cross Site Scripting vulnerability OBB-4037361
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
skiteam-erpfingen.de Cross Site Scripting vulnerability OBB-4033590
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
shanghai2022.cwieme-media.com Cross Site Scripting vulnerability OBB-4032827
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of Hitachi Vantara Pentaho Business Analytics Server’s server lies in the lack of security measures for the website structure, allowing attackers to carry out cross-site scripting (XSS) attacks.
The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
eskdaleside-cum-ugglebarnby-pc.org.uk Cross Site Scripting vulnerability OBB-4030709
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Hemi VDP: Linkedin Broken Link Hijacking on https://hemi.xyz/about
The LinkedIn account link for a team member on the https://hemi.xyz/about page pointed to a non-existent LinkedIn account...
Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores
Threat actors have been observed leveraging Google Tag Manager GTM to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and...