secure.webstat.com Cross Site Scripting vulnerability OBB-3477557

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

hits.webstat.com Cross Site Scripting vulnerability OBB-1417545

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

hv3.webstat.com XSS vulnerability

Open Bug Bounty ID: OBB-666897 Description| Value ---|--- Affected Website:| hv3.webstat.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Mail.ru: Disclosure of information on static.dl.mail.ru

Greeting, I discovered a server with disclosure of information: http://static.dl.mail.ru/ F155883 With this /webstat/ , we can access various information from the server like paths, name of files and other precious information. http://static.dl.mail.ru/webstat/ F155884 F155885 F155887 We also...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the MODULEDIR parameter to 1 core/modules/my/my.module.php or 2 core/modules/xml/xml.module.php; the COREROOT parameter to 3 config.loader.php, 4...