Monthly Archives: February 2015

CVE-2015-1475 – My Little Forum Multiple XSS Web Security Vulnerabilities

CVE-2015-1475  – My Little Forum Multiple XSS Web Security Vulnerabilities Exploit Title: My Little Forum Multiple XSS Web Security Vulnerabilities Vendor: My Little Forum Product: My Little Forum Vulnerable Versions: 2.3.3  2.2  1.7 Tested Version: 2.3.3  2.2  1.7 Advisory Publication: … Continue reading

Posted in 0Day, Hacker Exploit | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

About Group 超过 99.88% 的链接容易遭受 XSS 和 XFS 攻击

  About Group 网站有一个严重的网络安全问题,它容易遭受 XSS (跨站脚本漏洞) XFS (跨Frame脚本漏洞)。这对它的近10亿月访问用户是灾难和毁灭性的。   根据漏洞研究者发布的结果和POC视频,所有About.com的话题(子域名)都可以被攻击者利用。   新加坡南洋理工大学 (NTU) 数学和物理学院 (SPMS) 数学系 (MAS) 的王晶 (Wang Jing) 发布了这个严重的安全漏洞。王晶声称在2014年10月19号,他向 About Group 做了报告,但是迄今为止一直没有收到回复。漏洞的发布时间是2015年2月2号。“到现在为止,漏洞还没有被修复” 王晶说。   与此同时,王晶披露 About.com 主页面的搜索域也容易遭受 XSS 攻击。除此之外,他还发布了一些 About.com 的公开重定向漏洞 (Open Redirect). 王说他的测试是在 Windows 8 的 IE … Continue reading

Posted in Articles, IT Computer & Web, Web Research | Tagged , , , , , , , , , , , , , , , , , | Leave a comment

Maxwell’s Formulation – Differential Forms on Euclidean Space

Maxwell’s Formulation – Differential Forms on Euclidean Space Author: Jing Wang Institute: School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore     One of the greatest advances in theoretical physics of the nineteenth century was Maxwell’s formulation of … Continue reading

Posted in Articles | Tagged , , , , , , , , , , | Leave a comment

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Web Security Vulnerabilities

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Security Vulnerabilities   Vulnerability Description: About.com all “topic sites” are vulnerable to XSS (Cross-Site Scripting) and Iframe Injection (Cross Frame … Continue reading

Posted in 0Day, Open Redirect, XFS, XSS | Tagged , , , , , , , , , , , , , , | Leave a comment