Lucene search
+L

14397 matches found

osv
osv
added 2025/03/31 4:58 p.m.4 views

CVE-2025-31122 scratch-coding-hut.github.io Login Links Generation vulnerability

scratch-coding-hut.github.io is the website for Coding Hut. In 1.0-beta3 and earlier, the login link can be used to login to any account by changing the username in the username field...

9CVSS6.9AI score0.00342EPSS
Exploits0References4
hackerone
hackerone
added 2025/03/31 3:47 p.m.1366 views

Lichess: Direct IP Access to Website

Summary: The website is accessible directly via its IP address 37.187.205.99, which may bypass domain-based security policies and expose potential misconfigurations. Steps To Reproduce: 1. Open a web browser and enter the IP address: http://37.187.205.99 2. Observe that it loads the main website...

6.9AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/29 5:52 p.m.4 views

arika.org.uk Cross Site Scripting vulnerability OBB-4041204

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/28 4:47 p.m.9 views

camaraerere.ce.gov.br Cross Site Scripting vulnerability OBB-4041019

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/26 5:55 p.m.6 views

antiquingonline.com Cross Site Scripting vulnerability OBB-4040586

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/26 6:42 a.m.4 views

dokishop.ro Cross Site Scripting vulnerability OBB-4040275

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/26 6:20 a.m.5 views

docs.studip.de Cross Site Scripting vulnerability OBB-4040240

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
cve
cve
added 2025/03/24 6:0 a.m.59 views

CVE-2025-1203

CVE-2025-1203 – MetaSlider Slider, Gallery, and Carousel (WordPress) ≤ 3.94.0 Issue: The Slider, Gallery, and Carousel by MetaSlider plugin does not sufficiently sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., editors) even when unfiltered_html is disallowed (...

3.5CVSS5.8AI score0.00274EPSS
Exploits1References1Affected Software1
openbugbounty
openbugbounty
added 2025/03/21 3:16 a.m.3 views

blog.uniderp.com.br Cross Site Scripting vulnerability OBB-4038583

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/21 2:35 a.m.6 views

best-western-inn-95490-4404.allhotelscalifornia.com Cross Site Scripting vulnerability OBB-4038520

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/20 10:37 a.m.7 views

vbrdistrict5.com Cross Site Scripting vulnerability OBB-4038277

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/20 6:28 a.m.6 views

atacsantos.com.br Cross Site Scripting vulnerability OBB-4038192

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/18 4:4 a.m.7 views

alejandria-resort.hoteles-santander.com Cross Site Scripting vulnerability OBB-4037483

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/17 11:19 p.m.8 views

autofachmann-autokaufmann.de Cross Site Scripting vulnerability OBB-4037361

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/07 3:55 a.m.8 views

skiteam-erpfingen.de Cross Site Scripting vulnerability OBB-4033590

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2025/03/05 10:15 p.m.7 views

shanghai2022.cwieme-media.com Cross Site Scripting vulnerability OBB-4032827

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
bdu_fstec
bdu_fstec
added 2025/03/01 12:0 a.m.7 views

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server’s server lies in the lack of security measures for the website structure, allowing attackers to carry out cross-site scripting (XSS) attacks.

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

4.9CVSS5.2AI score0.00262EPSS
Exploits0References3Affected Software1
openbugbounty
openbugbounty
added 2025/02/27 3:28 p.m.10 views

eskdaleside-cum-ugglebarnby-pc.org.uk Cross Site Scripting vulnerability OBB-4030709

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
hackerone
hackerone
added 2025/02/12 2:29 p.m.1813 views

Hemi VDP: Linkedin Broken Link Hijacking on https://hemi.xyz/about

The LinkedIn account link for a team member on the https://hemi.xyz/about page pointed to a non-existent LinkedIn account...

7AI score
Exploits0
thn
thn
added 2025/02/10 3:16 p.m.13 views

Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores

Threat actors have been observed leveraging Google Tag Manager GTM to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and...

7AI score
Exploits0
Rows per page
Query Builder