-
Title: DDOS Vulnerability on GET:/api/v1/orgs/search
Project: NetBanking API
Description: The Application DDoS exploit allows an attacker to overwhelm your Application/DB by requesting seemingly large …
-
Title: DDOS Vulnerability on GET:/api/v1/primary-transaction
Project: NetBanking API
Description: The Application DDoS exploit allows an attacker to overwhelm your Application/DB by requesting seemingl…
-
Setoolkit does not start the Metasploit listener when using Metasploit Browser Exploit Method
**Expected Behaviour**
Metasploit listener should be started by setoolkit
**Actual Behaviour**
…
-
Product: facileManager
Download: https://github.com/WillyXJ/facileManager
Vulnerable Version: latest version
Tested Version: latest version
Author: ADLab of Venustech
Advisory Details:
A Cross…
-
Title: DDOS Vulnerability on GET:/api/v1/recepient
Project: NetBanking API
Description: The Application DDoS exploit allows an attacker to overwhelm your Application/DB by requesting seemingly large re…
-
Title: DDOS Vulnerability on GET:/api/v1/orgs/by-user
Project: NetBanking API
Description: The Application DDoS exploit allows an attacker to overwhelm your Application/DB by requesting seemingly large…
-
Cross Site Scripting in Version: 3.1.13.
The vulnerability exists in the "Create New Page" parameter and "Edit Page" parameter. The main reason is that the rich text editor does not filter harmful…
ghost updated
5 years ago
-
### Expected behaviour
storage XSS
### Actual behaviour
storage XSS
### Steps to reproduce
**I. Vulnerability Analysis**
XSS filtering is not done in the blog background writing artic…
-
JSON Parameter Pollution is a common issue I find in APIs and is not checked that often, which I feel can be added to the list.
-
Vulnerability name: Cross Site Scripting.
Severity: High
Submitted By: Ritesh Kumar
Email: riteshreapers@gmail.com
Vendor of Product: GetSimple CMS
Version: 3.1.13
Attack type: remote
Descript…