Amazon Covert Redirect Bug Based on Kindle Daily Post, Omnivoracious, Car Lust

Amazon Covert Redirect Based on Kindle Daily Post, Omnivoracious, Car Lust & kindlepost.com omnivoracious.com carlustblog.com Open Redirect Web Security Vulnerabilities
Domains: http://www.amazon.com
“Amazon.com, Inc. (/ˈæməzɒn/ or /ˈæməzən/) is an American electronic commerce company with headquarters in Seattle, Washington. It is the …

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities

Exploit Title: CVE-2015-2349 – SuperWebMailer /defaultnewsletter.php” HTMLForm Parameter XSS Web Security Vulnerabilities
Product: SuperWebMailer
Vendor: SuperWebMailer
Vulnerable Versions: 5.*.0.* 4.*.0.*
Tested Version: 5.*.0.* 4.*.0.*
Advisory Publication: March 11, 2015
Latest Update: May 03, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2015-2349
Impact CVSS …

CVE-2015-2243 Webshop hun v1.062S Directory Traversal Web Security Vulnerabilities

Exploit Title: CVE-2015-2243 Webshop hun v1.062S /index.php &mappa Parameter Directory Traversal Web Security Vulnerabilities
Product: Webshop hun
Vendor: Webshop hun
Vulnerable Versions: v1.062S
Tested Version: v1.062S
Advisory Publication: March 01, 2015
Latest Update: April 28, 2015
Vulnerability Type: Improper Limitation of a Pathname to a …

CVE-2015-2242 – Webshop hun v1.062S SQL Injection Web Security Vulnerabilities

Exploit Title: CVE-2015-2242 Webshop hun v1.062S /index.php Multiple Parameters SQL Injection Web Security Vulnerabilities
Product: Webshop hun
Vendor: Webshop hun
Vulnerable Versions: v1.062S
Tested Version: v1.062S
Advisory Publication: Mar 04, 2015
Latest Update: Mar 04, 2015
Vulnerability Type: Improper Control of Generation of Code (‘Code …

CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities

Exploit Title: vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities
Product: vBulletin Forum
Vendor: vBulletin
Vulnerable Versions: 5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4
Tested Version: 5.1.3 4.2.2
Advisory Publication: Feb 12, 2015
Latest Update: Feb 12, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9469
CVSS Severity (version 2.0): …

CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities

Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities
Product: Cit-e-Access
Vendor: Cit-e-Net
Vulnerable Versions: Version 6
Tested Version: Version 6
Advisory Publication: Feb 12, 2015
Latest Update: Feb 12, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-8753
CVSS Severity (version 2.0): CVSS v2 Base …

CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerabilities

Exploit Title: Softbb.net SoftBB /redir_last_post_list.php post Parameter SQL Injection
Product: SoftBB (mods)
Vendor: Softbb.net
Vulnerable Versions: v0.1.3
Tested Version: v0.1.3
Advisory Publication: Jan 10, 2015
Latest Update: Jan 10, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) (CWE-89)
CVE Reference: CVE-2014-9560
CVSS Severity (version 2.0): CVSS v2 Base …

CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability

Exploit Title: Softbb.net SoftBB /redir_last_post_list.php post Parameter XSS
Product: SoftBB (mods)
Vendor: Softbb.net
Vulnerable Versions: v0.1.3
Tested Version: v0.1.3
Advisory Publication: Jan 10, 2015
Latest Update: Jan 10, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9561
CVSS Severity (version 2.0): CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Impact Subscore: 2.9
Exploitability Subscore: 8.6 …

CVE-2014-7294 NYU OpenSSO Integration 2.1 Dest Privilege Escalation Web Security Vulnerability

Exploit Title: NYU OpenSSO Integration Logon Page url Parameter Open Redirect
Product: OpenSSO Integration
Vendor: NYU
Vulnerable Versions: 2.1 and probably prior
Tested Version: 2.1
Advisory Publication: December 14, 2014
Latest Update: January 05, 2015
Vulnerability Type: Open Redirect [CWE-601]
CVE Reference: CVE-2014-7294
Impact CVSS …

CVE-2014-7293 NYU OpenSSO Integration XSS (Cross-Site Scripting) Web Security Vulnerability

Exploit Title: NYU OpenSSO Integration Logon Page url Parameter XSS
Product: OpenSSO Integration
Vendor: NYU
Vulnerable Versions: 2.1 and probably prior
Tested Version: 2.1
Advisory Publication: December 29, 2014
Latest Update: December 29, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE …