A potential risk was found in the cloudFrontExtensionsConsole when it was deployed in the awslabs repository on GitHub. The functions created by the application had excessive permissions that could be ...
Continue Reading
January 28, 2025
Vulnerability description not...Read More ...
Continue Reading
January 28, 2025
The identified page allowed unauthorized access to a user's profile management functionality without requiring authentication. Sensitive user details, such as name, email address, and EDIPI, were ...
Continue Reading
January 28, 2025
Vulnerability description not...Read More ...
Continue Reading
January 28, 2025
The vulnerability allowed unauthenticated attackers to read the internal admin's full sessions, HTTP requests data, and other internal information through the error logging endpoint. The vulnerab ...
Continue Reading
January 28, 2025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue Reading
January 28, 2025
A Stored Cross-Site Scripting (XSS) vulnerability was identified on the /account/email page for www.xvideos.com. The vulnerability arose from the improper handling of SMTP error messages, which were p ...
Continue Reading
January 28, 2025
CVE-2024-11053 was a logic flaw in Curl that resulted in a credential leak during redirects. The issue was caused by the way Curl processed netrc credentials when performing redirects. Under certain c ...
Continue Reading
January 28, 2025
Back to Main
