Kaleidoscope - InZeed

- Science, Technology, Article, Music, Poem, Essay, etc ...

jing wang

Bugtraq ID 75176 – 6kbbs v8.0 Weak Encryption Cryptography Security Vulnerabilities

Exploit Title: 6kbbs Weak Encryption Web Security Vulnerabilities
Vendor: 6kbbs
Product: 6kbbs
Vulnerable Versions: v7.1 v8.0
Tested Version: v7.1 v8.0
Advisory Publication: June 08, 2015
Latest Update: June 10, 2015
Vulnerability Type: Inadequate Encryption Strength [CWE-326]
CVE Reference: *
CVSS Severity (version […]

phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities

Exploit Title: phpwind v8.7 goto.php? &url Parameter Open Redirect Security Vulnerabilities
Product: phpwind
Vendor: phpwind
Vulnerable Versions: v8.7
Tested Version: v8.7
Advisory Publication: May 25, 2015
Latest Update: May 25, 2015
Vulnerability Type: URL Redirection to Untrusted Site (‘Open Redirect’) [CWE-601]
CVE Reference: * […]

phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

Exploit Title: phpwind v8.7 goto.php? &url Parameter XSS Security Vulnerabilities
Product: phpwind
Vendor: phpwind
Vulnerable Versions: v8.7
Tested Version: v8.7
Advisory Publication: May 25, 2015
Latest Update: May 25, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact CVSS Severity (version 2.0): CVSS v2 […]

Gcon Tech Solutions v1.0 SQL Injection Web Security Vulnerabilities

Exploit Title: Gcon Tech Solutions v1.0 content.php? &id Parameter SQL Injection Security Vulnerabilities
Product: Gcon Tech Solutions
Vendor: Gcon Tech Solutions
Vulnerable Versions: v1.0
Tested Version: v1.0
Advisory Publication: May 24, 2015
Latest Update: May 24, 2015
Vulnerability Type: Improper Neutralization of Special Elements […]

CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities

Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities
Vendor: 6kbbs
Product: 6kbbs
Vulnerable Versions: v7.1 v8.0
Tested Version: v7.1 v8.0
Advisory Publication: April 02, 2015
Latest Update: April 02, 2015
Vulnerability Type: Cross-Site Request Forgery (CSRF) [CWE-352]
CVE Reference: […]

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Web Security Vulnerabilities

Vulnerability Description: All of About.com's “topic sites” are vulnerable to XSS (Cross-Site Scripting) and Iframe Injection (Cross Frame Scripting) attacks. This means all sub-domains of about.com are affected. Based on a self-written program, 94357 links […]

Alibaba Taobao, AliExpress, Tmall, Online Electronic Shopping Website XSS & Open Redirect Security Vulnerabilities

Domains Basics: Alibaba Taobao, AliExpress, Tmall are the top three online shopping websites belonging to Alibaba.

Vulnerability Discoverer: Jing Wang, Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore. http://www.tetraph.com/wangjing/

(1) Domains Descriptions: […]

Another Heartbleed? Flaws Found in Web Security: Covert Redirect

While the Internet is still grappling with the Heartbleed bug, a major new vulnerability has been discovered in the security protocols OAuth 2.0 and OpenID. Wang Jing, a PhD student at Nanyang Technological University in Singapore, hackers users […]

Covert Redirect Vulnerability Emerges, a Copy of “Heartbleed”

A PhD student at Nanyang Technological University (Singapore) has just discovered a security vulnerability in open-source software that is used by a great many websites. The latest information shows […]
