The Bytebase application does not restrict low privilege user to access admin issues for which an unauthorized user can view the OPEN and CLOSED issues by Admin and the affected en ...
Continue Reading28 сентября, 2022
An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use of a bad randomness function. This allows the attacker to ...
Continue Reading28 сентября, 2022
The Bytebase application does not restrict low privilege user to access admin projects for which an unauthorized user can view the projects created by Admin and the affected endpoint i ...
Continue Reading28 сентября, 2022
A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System. This affects an unknown part of the file router.php of the component POST Parameter Handler. Th ...
Continue Reading28 сентября, 2022
A vulnerability, which was classified as problematic, was found in Zephyr Project Manager up to 3.2.4. Affected is an unknown function of the file /v1/tasks/create/ of the component REST Call Handler. ...
Continue Reading28 сентября, 2022
Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.R ...
Continue Reading28 сентября, 2022
Just like in the previous report, an attacker could steal the account of different users. But in this case, it's a little bit more specific, because it is needed to be an editor in the same app as the ...
Continue Reading28 сентября, 2022
Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
Continue Reading28 сентября, 2022
Back to Main