15 matches found
genial.glendon.yorku.ca Cross Site Scripting vulnerability OBB-3720105
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
glendon.yorku.ca Cross Site Scripting vulnerability OBB-3636422
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PYSEC-2023-43
A vulnerability has been found in NYUCCL psiTurk up to 3.2.0 and classified as critical. This vulnerability affects unknown code of the file psiturk/experiment.py. The manipulation of the argument mode leads to improper neutralization of special elements used in a template engine. The exploit has...
NYUCCL psiTurk 代码注入漏洞
NYUCCL psiTurk is a scientific open platform on Amazon Mechanical Turk. A security vulnerability exists in NYUCCL psiTurk version 3.2.0 and prior versions, which stems from an incorrect manipulation of the parameter mode that can lead to invalidation of special elements used in the template engin...
stats.netops.yorku.ca Cross Site Scripting vulnerability OBB-2845159
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
stats.netops.yorku.ca Cross Site Scripting vulnerability OBB-2828954
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dawnbazely.lab.yorku.ca Cross Site Scripting vulnerability OBB-2759880
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
delta.library.yorku.ca Cross Site Scripting vulnerability OBB-1476292
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
uitforms.apps01.yorku.ca Cross Site Scripting vulnerability OBB-1248845
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
sgy.apps01.yorku.ca Cross Site Scripting vulnerability OBB-1248807
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users
A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack —...
‘Chaff Bug’ Defense Rolls Out Shiny Objects for Attackers to Find
Camouflage and distraction have long been hallmarks of warfare, and it’s no different when it comes to the cyber-front. A group of researchers from New York University are taking the idea further than it’s gone before with the idea of introducing decoy bugs into code – ultimately non-exploitable...
justlabour.yorku.ca XSS vulnerability
Vulnerable URL: http://www.justlabour.yorku.ca/index.php?page=toc"=8 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
Exploitation 101: Exploiting Windows
Security researcher and former penetration tester Dino Dai Zovi delivers a lecture at the Polytechnic Institute of New York University on exploiting Windows...
Unfixed XSS vulnerability at www.yorku.ca
Security researcher Dark.Man, has submitted on 27/08/2009 a cross-site-scripting XSS vulnerability affecting www.yorku.ca, which at the time of submission ranked 11291 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/07/2010. It is currently...