Document Title:
===
Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability
References (Source):
http://vulnerability-lab.com/get_content.php?id=1398
BugCrowd ID: 6b37910a3c5685b944a3ad65068aa251af47450953a06b8b13d74b35d708f6b0
Acknowledgement (Hall of
Document Title:
===
ZTE Datacard PCW(Telecom MF180) - Multiple Software Vulnerabilities
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1405
Release Date:
=
2015-01-12
Vulnerability Laboratory ID (VL-ID):
==
Document Title:
===
Heroku API Bug Bounty #1 - Persistent Invitation Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1300
Video: http://www.vulnerability-lab.com/get_content.php?id=1335
BugCrowd ID: e8a8ecb81b9bf115226ed2ff
Vulnerability title: Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities
vulnerabilities
Author: Pietro Oliva
CVE: CVE-2014-7956, CVE-2014-7957
Product: pods
Affected version: pods <= 2.4.3
Vulnerabilities fixed in version: 2.5
XSS vulnerability (CVE-2014-7956, authentication is needed):
Advisory: Reflecting XSS vulnerability in CMS PHPKit WCMS v. 1.6.6
Advisory ID: SROEADV-2014-07
Author: Steffen Rösemann
Affected Software: CMS PHPKit WCMS v. 1.6.6 [Build: 1660014]
Vendor URL: http://www.phpkit.com/de/
Vendor Status: did not respond to issue
CVE-ID: -
==
V
Advisory: Reflecting XSS vulnerability in CMS Croogo v.2.2.0
Advisory ID: SROEADV-2015-02
Author: Steffen Rösemann
Affected Software: CMS Croogo v.2.20
Vendor URL: https://croogo.org
Vendor Status: solved
CVE-ID: -
==
Vulnerability Description:
==
T