Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
Continue Reading
August 02, 2022
Authentication Bypass vulnerability discovered by Lana Codes in WordPress OAuth 2.0 client for SSO plugin (versions Read More ...
Continue Reading
August 02, 2022
Authentication Bypass vulnerability discovered by Lana Codes in WordPress WP OAuth Server plugin (versions Read More ...
Continue Reading
August 02, 2022
In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication. This may allow authentication with invalid credentials.Read More ...
Continue Reading
August 02, 2022
A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php.Read More ...
Continue Reading
August 02, 2022
A stored cross-site scripting (XSS) vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text fiel ...
Continue Reading
August 02, 2022
In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. It is possible for a remote attacker to injec ...
Continue Reading
August 02, 2022
In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks.Read More ...
Continue Reading
August 02, 2022
Back to Main
