In Apache Shiro before 1.9.1, a RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly ...
June 28, 2022
SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=.
June 28, 2022
In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest (XHR).
June 28, 2022
In Nagios XI through 5.8.5, in the schedule report function, an authenticated attacker is able to inject HTML tags that lead to the reformatting/editing of emails from an official email address.
June 28, 2022
In Nagios XI through 5.8.5, it is possible for a user without password verification to change his e-mail address.
June 28, 2022
In Nagios XI through 5.8.5, a read-only Nagios user (due to an incorrect permission check) is able to schedule downtime for any host/services. This allows an attacker to permanently disable all monito ...
June 28, 2022
In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing.
June 28, 2022
Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
June 28, 2022