6.4A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

CVE-2024-5458

5.3In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly.

2019(1)

CVE-2019-8331

6.1In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

2018(4)

CVE-2018-20677

6.1In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

CVE-2018-20676

6.1In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

CVE-2018-14042

6.1In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

CVE-2018-14040

6.1In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

2016(1)

CVE-2016-10735

6.1In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2007(1)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

80 443

80 / tcp

-1104084038 | 2025-03-24T09:15:36.205835

Hashes

hash

669434794

http.dom_hash

-320243686

http.html_hash

-1104084038

http.server_hash

1081824176

http.title_hash

86720323

Default Site

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 24 Mar 2025 09:15:36 GMT
Content-Type: text/html
Content-Length: 1033
Last-Modified: Mon, 14 Aug 2023 23:13:21 GMT
Connection: keep-alive
ETag: "64dab511-409"
Accept-Ranges: bytes

Vulnerabilities

443 / tcp

575777137 | 2025-03-29T18:21:57.134658

Hashes

hash

-907627271

http.dom_hash

-1232827527

http.favicon.hash

1131065957

http.html_hash

575777137

http.server_hash

1081824176

QEX - Reklama - Systémy - Events - Parking

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 29 Mar 2025 18:16:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Last-Modified: Fri, 21 Feb 2025 09:19:38 GMT
Vary: Accept-Encoding
X-Served-By: qex.sk

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:35:6c:d6:bb:0a:5f:41:98:a9:b2:1e:7c:cd:12:8a:c9:f0
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E5
        Validity
            Not Before: Feb 13 17:08:03 2025 GMT
            Not After : May 14 17:08:02 2025 GMT
        Subject: CN=qex.sk
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:4e:f4:4d:80:ba:e7:fd:31:34:b3:3c:5d:d4:c7:
                    8b:8e:fc:5c:81:58:22:07:a2:4f:0c:8e:19:3f:54:
                    15:f0:c7:68:a6:dd:ec:bb:2d:36:04:80:01:33:92:
                    4d:35:45:6d:57:a9:29:5e:9c:2f:49:76:1c:05:13:
                    09:17:62:d1:33:23:cd:09:35:14:a5:99:43:98:a1:
                    86:f1:e6:7a:7f:54:b6:26:fc:17:7c:e6:c8:61:41:
                    f8:76:9c:46:ca:dd:b5
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                50:DD:52:68:CE:51:00:25:CF:22:E1:C6:E1:C0:99:9D:19:2A:3B:7F
            X509v3 Authority Key Identifier: 
                9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
            Authority Information Access: 
                OCSP - URI:http://e5.o.lencr.org
                CA Issuers - URI:http://e5.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:qex.sk
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Feb 13 18:06:33.806 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:8A:D9:50:C9:95:31:58:CB:2B:C3:EC:
                                21:9C:77:F7:E5:5F:D6:0C:6E:E9:94:3A:C6:74:DF:94:
                                B7:D2:83:EB:21:02:21:00:D8:50:3C:EF:03:F8:DB:4C:
                                8C:33:05:67:45:E7:46:3A:AC:4C:B3:92:31:8C:2D:83:
                                73:16:C6:39:E2:00:EA:E7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Feb 13 18:06:33.815 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DF:23:23:E8:F7:93:37:62:2F:BC:00:
                                9A:21:BD:50:88:33:91:C6:86:B7:FB:13:32:18:47:10:
                                E8:6C:BF:08:20:02:20:33:59:2C:98:1C:C6:9B:44:02:
                                7B:94:E1:55:C7:94:6E:36:8B:5E:9F:C5:58:17:D6:97:
                                17:32:97:FD:E7:24:87
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:64:02:30:45:d6:84:48:52:c9:6b:d0:91:40:d7:86:d0:02:
        f8:24:15:4c:b9:04:41:00:a3:4f:5a:8c:4e:a8:25:56:2b:1b:
        01:4a:0a:d8:fb:96:4d:66:6f:0b:b2:2b:a4:4f:48:7c:02:30:
        79:bd:82:bb:88:a0:31:85:de:d4:c1:be:3e:53:a8:0c:f4:c0:
        06:41:34:c8:9d:d9:76:e4:05:d9:57:82:67:8f:a6:9c:11:bc:
        d4:39:17:6d:98:1b:f6:46:8d:7a:9d:9b

Vulnerabilities

1 2

195.80.166.204

Last Seen: 2025-03-29

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

-1104084038 | 2025-03-24T09:15:36.205835

Hashes

OpenResty

443 / tcp

575777137 | 2025-03-29T18:21:57.134658

Hashes

OpenResty

Products

Pricing

Contact Us

195.80.166.204

Last Seen: 2025-03-29

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp -1104084038 | 2025-03-24T09:15:36.205835

Hashes

OpenResty

443 / tcp 575777137 | 2025-03-29T18:21:57.134658

Hashes

OpenResty

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-1104084038 | 2025-03-24T09:15:36.205835

443 / tcp

575777137 | 2025-03-29T18:21:57.134658