IBM: POST based Cross-Site Scripting on IBM research endpoint

The POST-based Cross-Site Scripting vulnerability on the IBM research endpoint was reported, analyzed, and remediated. The vulnerability was discovered by an external...Read More ...

Continue Reading

January 31, 2025

Localize: open redirected by host header

Vulnerability description not...Read More ...

Continue Reading

January 31, 2025

Yelp: Object Level access control leads to reading user’s full requests, sessions, and error messages

The summary is as follows: A vulnerability was discovered in the Yelp internal administration tool called "Tailored Mail" hosted on the subdomain https://proze.yelp.com/. The vulnera ...

Continue Reading

January 31, 2025

curl: Hackers Attack Curl Vulnerability Accessing Sensitive Information

Vulnerability description not...Read More ...

Continue Reading

January 31, 2025

Flickr: Information Disclosure: .dockerignore file is publicly accessible

Vulnerability description not...Read More ...

Continue Reading

January 31, 2025

Nextcloud: Blind SSRF Vulnerability in Appstore Release Upload Form

Vulnerability description not...Read More ...

Continue Reading

January 31, 2025

XVIDEOS: Lack of Rate Limiting on Account Creation Endpoint

The account creation process of www.xvideos.red was found to lack proper rate limiting mechanisms on the /account/signinform/premium_tour_login endpoint. This security flaw allowed for automated creat ...

Continue Reading

January 31, 2025

espaimacia.cat Cross Site Scripting vulnerability OBB-4015297

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

January 31, 2025

1 264,833 264,834 264,835 264,836 264,837 385,998

Back to Main
Subscribe for the latest news: