Apple iTunes & AppStore - Filter Bypass & Persistent Invoice Vulnerability

ule is estimated as high. (CVSS 5.8) Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is

Ferrari - PHP CGI Argument Injection (RCE) Vulnerability

eranclaessens.be) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a

Device Inspector v1.5 iOS - Command Inject Vulnerabilities

isclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vuln

bizidea Design CMS 2015Q3 - SQL Injection Vulnerability

= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers ar

Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064)

x20\x20\x20\x0d\x0a\x20\x20\x20\x20\x61\x62\x28\x30\x29". "\x3d\x30\x20\x20\x20\x0d\x0a\x20\x20\x20\x20\x61\x61\x28\x61\x31\x29\x3d\x61\x64\x64\x2b\x34\x20". "\x20\x20\x20\x20\x0d\x0a\x20\x20\x20\x20\x61\x62\x28\x30\x29\x3d\x31\x2e\x36\x39\x37\x35\x39\x36"

PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability

eol stream << "/Intent /RelativeColorimetric" << eol stream << "/Subtype /Image" << eol stream << "/Filter /DCTDecode" << eol stream << "/Length #{jpeg.length}" << eol stream << "/

WebSolutions India Design CMS - SQL Injection Vulnerability

his advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, includin

ChiefPDF Software v2.x - Buffer Overflow Vulnerability

The security risk of the local buffer overflow vulnerability in the chiefpdf software clients is estimated as high. (CVSS 7.3) Credits & Authors: == metacom - [http://www.vulnerability-lab.com/show.php?user=metacom] Disclaimer & Information: ===

UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability

r [sa...@evolution-sec.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

4.2) Credits & Authors: == Vulnerability Laboratory [Research Team] - Hadji Samir [sa...@evolution-sec.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all

PayPal Bug Bounty #119 - Stored Cross Site Scripting Vulnerability

er & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vuln

LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability

= Contact: https://securityresearchindia.wordpress.com > https://twitter.com/aaditya_purani Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed

Dogma India dogmaindia CMS - Auth Bypass Vulnerability

provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, inci

Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities

Mahmoud Khaled - [mahmoud_k...@yahoo.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and

Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability

ication is estimated as medium. (CVSS 3.8) Credits & Authors: == Vulnerability Laboratory [Research Team] - Hadji Samir [sa...@evolution-sec.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab

Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability

m] - Hadji Samir [sa...@evolution-sec.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capabil

PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability

arch Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or

Magento Bug Bounty #19 - Persistent Filename Vulnerability

plication is estimated as medium. (CVSS 3.9) Credits & Authors: == Vulnerability Laboratory [Research Team] - Hadji Samir [sa...@evolution-sec.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without an

Paypal Inc - Open Redirect Web Vulnerability

d as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, in

Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability

=== Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims

UDID v1.0 iOS - Persistent Mail Encode Vulnerability

laimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab

Flowdock API Bug Bounty #1 - (Description) Persistent Web Vulnerability

Authors: == Vulnerability Laboratory [Research Team] - Hadji Samir [sa...@evolution-sec.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied,

WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability

tory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expres

UltraEdit v22.20 - Buffer Overflow Vulnerability

p; Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerab

My.WiFi USB Drive v1.0 iOS - File Include Vulnerability

i (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties o

Flowdock API Bug Bounty #3 - (Invite) Persistent Web Vulnerability

as been invited to grant access 8. Successful reproduce of the vulnerability in flowdock api and main dashbaord! Note: Use tamper data in mozilla to manipulate the session values and to approve the existence of the vulnerability! Execution Point: https://www.flowdock.com/app/vuln

WinRAR SFX v5.21 - Remote Code Execution Vulnerability

gham [https://ir.linkedin.com/in/rezasp] (m...@reza.es or reza.esparg...@gmail.com] (www.reza.es) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or

NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability

S 3.4) Credits & Authors: == Mikica Ivosevic Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of me

Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability

enjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied,

IconLover v5.4.5 - Stack Buffer Overflow Vulnerability

ow.php?user=ZwX] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a pa

WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability

ani ] Special Thanks: Hell Shield Hackers | Ahmedabad University | Skysecura Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including

PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability

== Rui Silva (http://www.vulnerability-lab.com/show.php?user=Rui%20Silva) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, inc

FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability

lab.com/show.php?user=ZwX ] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability a

PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability

Samir (sa...@evolution-sec.com) [http://www.vulnerability-lab.com/show.php?user=Hadji%20Samir] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either e

Freemake Video Downloader 3.7.1 - Code Execution Vulnerability

amp; Authors: == ZwX - (http://zwx.fr) [ http://www.vulnerability-lab.com/show.php?user=ZwX ] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, eith

LAN Scan HD v1.20 iOS - Command Inject Vulnerability

his advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct,

Port Scan v2.0 iOS - Command Inject Vulnerability

rch Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, incl

Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities

ing/ http://www.magentocommerce.com/bug-tracking/report PoC #2: CSRF URL: http://merch.docs.magento.com/ce/user_guide/Magento_Community_Edition_User_Guide.html Note: Remote attackers are able to inject own websites/webpages with fake login for phishing attacks against the login users Reference(s): http:

Magento Bug Bounty #22 - (Profile) Persistent Vulnerability

ww.vulnerability-lab.com/show.php?user=Hadji%20Samir) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of

Murgent CMS - SQL Injection Vulnerability

Shab,Sia Turk and All Of My Friends Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability fo

Free WMA MP3 Converter - Buffer Overflow Exploit (SEH)

/show.php?user=ZwX ] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for

Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability

Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warr

CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability

ager Content Management System. Vulnerability Disclosure Timeline: == 2015-11-24: Report to Vulnerability Lab (Sajjad Sotoudeh - White-hg) 2015-11-25: Public Disclosure (Vulnerability Laboratory) Discovery Status: = Published Affected Produ

DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability

& Information: ========= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulne

Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web Vulnerability

n is estimated as medium. (CVSS 3.2) Credits & Authors: == Vulnerability Laboratory [Research Team] - Milan Solanki [milans...@gmail.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab discl

Lithium Forum - (previewImages) Persistent Vulnerability

e is estimated as medium. (CVSS 4.6) Credits & Authors: == Vulnerability Laboratory [Research Team] – Hadji Samir (sa...@evolution-sec.com) [http://www.vulnerability-lab.com/show.php?user=Hadji%20Samir] Disclaimer & Information: = The information

Switch v4.68 - Code Execution Vulnerability

is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect,

POP Peeper 4.0.1 - Persistent Code Execution Vulnerability

out any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequ

Aeris Calandar v2.1 - Buffer Overflow Vulnerability

p; Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose.

Secure Item Hub v1.0 iOS - Multiple Web Vulnerabilities

y [Research Team] - Benjamin Kunz mejri (resea...@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either exp

Apple WatchOS v2.1 - Denial of Service Vulnerability

za.es] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpos

Barracuda Networks Bug Bounty #38 Message Archiver - Multiple Vulnerabilities

/view_message_log_detail.cgi [primary_tab parameter] [+] /cgi-mod/view_message_log_detail.cgi [realm parameter] [+] /cgi-mod/view_message_log_detail.cgi [secondary_tab parameter] Security Risk: == The secu

Telegram (API) - Cross Site Request Forgery Vulnerabilities

elopers is estimated as medium. (CVSS 3.2) Credits & Authors: == Lawrence Amer - ( http://www.vulnerability-lab.com/show.php?user=Lawrence%20Amer ) Disclaimer & Information: = The information provided in this advisory is provided as it is without any

Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability

y risk of the persistent mail encoding web vulnerability and the web-server validation misconfiguration are estimated as medium. (CVSS 3.7) Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

Kleefa v1.7 (IR) - Multiple Web Vulnerabilities

ing web vulnerabilities in the web-application are estimated as medium. (CVSS 3.3) Credits & Authors: == Iran Cyber Security Group - (ICG SEC) Disclaimer & Information: = The information provided in this advisory is provided as it is without any war

Classic Infomedia (Login) - Auth Bypass Web Vulnerability

o : root3r | MOHAMAD-NOFOZI | KamraN HellisH | JOK3R | Pi.Hack | CRY$I$ BL4CK | WH!T3 W01F | And All Members Of Iran-Cyber.Net Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab dis

WebMartIndia CMS 2016 Q1 - SQL Injection Vulnerability

ICG SEC) [Iran-Cyber.Net] Spc Thnx 2: root3r , mohamad-nofozi , jok3r , pi.hack , 0day , m0hamad-black , wh1tew0lf , mr.turk and all member of iran-cyber.net Disclaimer & Information: ========= The information provided in this advisory is provided as it is without any warranty. Vu

los818 CMS 2016 Q1 - SQL Injection Web Vulnerability

ded as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, i

Trend Micro Direct Pass - Filter Bypass & Persistent Web Vulnerability

rmation: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its

New Era Company CMS - (id) SQL Injection Vulnerability

Cyber Security Group - 0x3a (ICG SEC) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability

Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability

ts & Authors: == Iran Cyber Security Group - 0x3a (ICG SEC) [Iran-Cyber.Net] [http://www.vulnerability-lab.com/show.php?user=Iran%20Cyber%20Security] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warrant

Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability

ts & Authors: == Iran Cyber Security Group - 0x3a (ICG SEC) [Iran-Cyber.Net] [http://www.vulnerability-lab.com/show.php?user=Iran%20Cyber%20Security] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warrant

File Hub v3.3 iOS (Wifi) - Multiple Web Vulnerabilities

n Kunz Mejri (resea...@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including t

Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability

[Research Team] - Marco Onorati Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and

Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability

== Vulnerability Laboratory [Research Team] - Hadji Samir [sa...@evolution-sec.com] [www.vulnerability-lab.com] (http://www.vulnerability-lab.com/show.php?user=Hadji%20Samir) Disclaimer & Information: = The information provided in this advisory is provided a

SimpleView CRM - Client Side Open Redirect Vulnerability

== Tommy DeVoss Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a p

File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities

application is estimated as high. (CVSS 7.3) Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (resea...@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as

Soso Transfer v1.1 iOS - Denial of Service Vulnerability

ided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidenta

Apple iOS v9.1, 9.2 & 9.2.1 - Application Update Loop Pass Code Bypass

sea...@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties

JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability

vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a

Getdpd BB #4 - (name) Persistent Validation Vulnerability

= The security risk of application-side input validation web vulnerability in the frontend of the getdpd web-application is estimated as medium. (CVSS 3.8) Credits & Authors: == Vulnerability Laboratory [Research Team] - Hadji Samir [sa...@evolution-sec.com] Disclaimer &

Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability

isclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its s

Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities

== The security risk of the client-side vulnerabilities in the official ebay online service pages Credits & Authors: == Daniel Díez Tainta - (@DaniLabs) Disclaimer & Information: = The information provided in this advisory is provided as it is witho

PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities

redits & Authors: == Vulnerability Laboratory [Research Team] - Marco Onorati [http://www.vulnerability-lab.com/show.php?user=Marco%20Onorati] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warra

File Sharing Manager v1.0 iOS - Multiple Web Vulnerabilities

@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchan

MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability

Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose.

Apache Sling Framework v2.3.6 - Information Disclosure Vulnerability

lnerability-lab.com] (https://twitter.com/cybercrimenews) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties

HD Video Player v2.5 iOS - Multiple Web Vulnerabilities

= Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (resea...@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclai

ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability

tent input validation web vulnerability in the ifixit.com online service web-application is estimated as medium. (CVSS 3.8) Credits & Authors: == Vulnerability Laboratory [Research Team] - Hadji Samir (sa...@evolution-sec.com) [http://www.vulnerability-lab.com/show.php?us

Adobe - Multiple Client Side Cross Site Scripting Web Vulnerabilities

. (CVSS 3.0) The security risk of the client-side open redirect web vulnerability in the adobe web-application is estimated as low. (CVSS 2.1) Credits & Authors: == Daniel Díez Tainta - (@DaniLabs) Disclaimer & Information: = The informa

Chamilo LMS - Persistent Cross Site Scripting Vulnerability

sk of the persistent cross site script vulnerability in the web-application is estimated as medium. (CVSS 3.3) Credits & Authors: == Lawrence Amer - ( http://www.vulnerability-lab.com/show.php?user=Lawrence%20Amer ) Disclaimer & Information: =

Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability

amp; Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers ar

Investors Application - Client Side Cross Site Scripting Vulnerability

] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vu

Prezi Bug Bounty #5 - Client Side Cross Site Scripting & Open Redirect Vulnerability

& Authors: == Milan A Solanki - (milans...@gmail.com) [http://www.safehacking4mas.blogspot.in] [https://www.facebook.com/Mas.Hackers] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all w

ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability

ion provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities

this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, includ

Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities

ded as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidenta

Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability

er & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vuln

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities

this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, includ

eFront 3.6.15.6 CMS – (Message Attachment) Persistent Cross Site Scripting Vulnerability

um. (CVSS 4.0) Credits & Authors: == Vulnerability Laboratory [Research Team] - Lawrence Amer - http://www.vulnerability-lab.com/show.php?user=Lawrence%20Amer Disclaimer & Information: = The information provided in this advisory is provided as it

WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability

eini (EhsanSec.ir) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability

Fing v3.3.0 iOS - Persistent Mail Encoding Vulnerability

web vulnerability in the fing scanner iOS app is estimated as medium. (CVSS 3.5) Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: =

Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link)

SS 6.4) Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (resea...@vulnerability-lab.com) [http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.] Disclaimer & Information: ========= The information provided in

ChitaSoft (Web-Application) - SQL Injection Vulnerability

ormation provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case

Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability

The security risk of the application-side validation web vulnerability in the profile module is estimated as medium. (CVSS 3.4) Credits & Authors: == Vulnerability Laboratory [Research Team] - Lawrence Amer - http://www.vulnerability-lab.com/show.php?user=Lawrence%20Amer Dis

Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability

& Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerabilit

Patron Info System - SQL Injection Vulnerability

urity] Special Tnx 2 : MOHAMAD_NOFOZI , root3r , Sir.H4m1d , 0day , pi.hack , s4jj4d , whitewolf , jok3r , MoHaMaD-BlAcK ,l3gi0 n , mr.turk , 0xdevil & king_k4li Disclaimer & Information: = The information provided in this advisory is provided as it is without any

Hi Technology & Services CMS - SQL Injection Vulnerabilities

i Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or

WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities

= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers ar

Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities

ep K. - http://www.vulnerability-lab.com/show.php?user=Manideep%20K. Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warran

<    1   2   3   4   5   6   7   8   9   >