Kaleidoscope - InZeed

- Science, Technology, Article, Music, Poem, Essay, etc ...

XSS

FC2 fc2.com Online Website URLs XSS (cross site scripting) Vulnerabilities (All URLs Under Domain blog.fc2.com/tag)

FC2 fc2.com Online Website URLs XSS (cross site scripting) Vulnerabilities (All URLs Under Domain blog.fc2.com/tag)   Domain: blog.fc2.com/ “FC2 (founded July 20, 1999) is a popular Japanese blogging host, the third most popular video hosting service in Japan (after YouTube and Niconico), and a web hosting company headquartered in Las Vegas, Nevada. It is the […]

phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

  phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: phpwind v8.7 goto.php? &url Parameter XSS Security Vulnerabilities Product: phpwind Vendor: phpwind Vulnerable Versions: v8.7 Tested Version: v8.7 Advisory Publication: May 25, 2015 Latest Update: May 25, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: * Impact CVSS Severity (version 2.0): CVSS v2 […]

SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities

  SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: SITEFACT CMS content.php? &id Parameter XSS Security Vulnerabilities Product: SITEFACT CMS (Content Management System) Vendor: SITEFACT Vulnerable Versions: version 2.01 Tested Version: version 2.01 Advisory Publication: May 24, 2015 Latest Update: May 24, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: * Impact […]

Gcon Tech Solutions v1.0 XSS (Cross-site Scripting) Web Security Vulnerabilities

  Gcon Tech Solutions v1.0 XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: Gcon Tech Solutions v1.0 content.php? &id Parameter XSS Security Vulnerabilities Product: Gcon Tech Solutions Vendor: Gcon Tech Solutions Vulnerable Versions: v1.0 Tested Version: v1.0 Advisory Publication: May 23, 2015 Latest Update: May 23, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: […]

About Group 超过 99.88% 的链接容易遭受 XSS 和 XFS 攻击

  About Group 网站有一个严重的网络安全问题,它容易遭受 XSS (跨站脚本漏洞) XFS (跨Frame脚本漏洞)。这对它的近10亿月访问用户是灾难和毁灭性的。   根据漏洞研究者发布的结果和POC视频,所有About.com的话题(子域名)都可以被攻击者利用。   新加坡南洋理工大学 (NTU) 数学和物理学院 (SPMS) 数学系 (MAS) 的王晶 (Wang Jing) 发布了这个严重的安全漏洞。王晶声称在2014年10月19号,他向 About Group 做了报告,但是迄今为止一直没有收到回复。漏洞的发布时间是2015年2月2号。“到现在为止,漏洞还没有被修复” 王晶说。   与此同时,王晶披露 About.com 主页面的搜索域也容易遭受 XSS 攻击。除此之外,他还发布了一些 About.com 的公开重定向漏洞 (Open Redirect). 王说他的测试是在 Windows 8 的 IE (10.0.9200.16750) 和 Mozilla 的 Firefox (34.0), Ubuntu (14.04) 的 Google Chromium 39.0.2171.65-0, 以及 Mac OS X […]

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities Exploit Title: CVE-2015-2349 – SuperWebMailer /defaultnewsletter.php” HTMLForm Parameter XSS Web Security Vulnerabilities Product: SuperWebMailer Vendor: SuperWebMailer Vulnerable Versions: 5.*.0.*   4.*.0.* Tested Version: 5.*.0.*   4.*.0.* Advisory Publication: March 11, 2015 Latest Update: May 03, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2015-2349 Impact CVSS […]

CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Web Security Vulnerabilities

  CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Web Security Vulnerabilities Exploit Title: OptimalSite CMS /display_dialog.php image Parameter XSS Web Security Vulnerability Vendor: OptimalSite Product: OptimalSite Content Management System (CMS) Vulnerable Versions: V.1 V2.4 Tested Version: V.1 V2.4 Advisory Publication: January 24, 2015 Latest Update: January 31, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] […]

CVE-2015-1475 – My Little Forum Multiple XSS Security Vulnerabilities

  CVE-2015-1475 – My Little Forum Multiple XSS Web Security Vulnerabilities   Exploit Title: My Little Forum Multiple XSS Web Security Vulnerabilities Vendor: My Little Forum Product: My Little Forum Vulnerable Versions: 2.3.3 2.2 1.7 Tested Version: 2.3.3 2.2 1.7 Advisory Publication: February 04, 2015 Latest Update: February 11, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] […]

CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerability Bugs

    CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerability Bugs   Exploit Title: InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities Product: InstantForum.NET Vendor: InstantASP Vulnerable Versions: v4.1.3   v4.1.1   v4.1.2   v4.0.0   v4.1.0   v3.4.0 Tested Version: v4.1.3   v4.1.1   v4.1.2 Advisory Publication: Feb 18, 2015 Latest Update: Feb […]

CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities

  CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities   Exploit Title: vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities Product: vBulletin Forum Vendor: vBulletin Vulnerable Versions: 5.1.3   5.0.5   4.2.2   3.8.7   3.6.7   3.6.0   3.5.4 Tested Version: 5.1.3 4.2.2 Advisory Publication: February 12, 2015 Latest Update: February 26, 2015 Vulnerability Type: […]

Kaleidoscope - InZeed © 2015 Frontier Theme