Tag Archives: white-hat

The New York Times Old Articles Can Be Exploited by XSS Attacks (Almost all Article Pages Before 2013 Are Affected)

      Domain: http://www.nytimes.com/   “The New York Times (NYT) is an American daily newspaper, founded and continuously published in New York City since September 18, 1851, by the New York Times Company. It has won 114 Pulitzer Prizes, … Continue reading

Posted in 0Day, Website Testing, XSS | Tagged , , , , , , , , , , , , , , , , , | Leave a comment

Mozilla Online Website Two Sub-Domains XSS (Cross-site Scripting) Bugs ( All URLs Under the Two Domains)

    Domains: http://lxr.mozilla.org/ http://mxr.mozilla.org/ (The two domains above are almost the same)   Websites information: “lxr.mozilla.org, mxr.mozilla.org are cross references designed to display the Mozilla source code. The sources displayed are those that are currently checked in to the … Continue reading

Posted in Website Testing, XSS | Tagged , , , , , , , , , , , , , , , , | Leave a comment

Bugtraq ID 75176 – 6kbbs v8.0 Weak Encryption Cryptography Security Vulnerabilities

Bugtraq ID 75176 – 6kbbs v8.0 Weak Encryption Cryptography Security Vulnerabilities   Exploit Title: 6kbbs Weak Encryption Web Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: June 08, 2015 Latest Update: June … Continue reading

Posted in 0Day, Bugtraq, Weak Encryption, Web Application | Tagged , , , , , , , , , , , , , , , , | Leave a comment

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities Exploit Title: CVE-2015-2349 – SuperWebMailer /defaultnewsletter.php” HTMLForm Parameter XSS Web Security Vulnerabilities Product: SuperWebMailer Vendor: SuperWebMailer Vulnerable Versions: 5.*.0.*   4.*.0.* Tested Version: 5.*.0.*   4.*.0.* Advisory Publication: March 11, … Continue reading

Posted in 0Day, Hacker Exploit | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Webs ID Reflected XSS (Cross-site Scripting) Security Vulnerabilities

Originally posted on computer pitch:
? Webs ID Reflected XSS (Cross-site Scripting) Security Vulnerabilities ? Exploit Title: Webs ID /login.jsp &error Parameter Reflected XSS (Cross-site Scripting) Security Vendor: Webs, Inc Product: Webs ID Vulnerable Versions: Tested Version: Advisory Publication: April…

Posted in IT Computer & Web | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities

Originally posted on computer pitch:
? NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities ? Exploit Title: NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities Product: NetCat CMS (Content Management System) Vendor: NetCat Vulnerable Versions: 3.12 3.0 2.4 2.3 2.2…

Posted in IT Computer & Web | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

NetCat CMS 3.12 HTML Injection Security Vulnerabilities

Originally posted on computer pitch:
? NetCat CMS 3.12 HTML Injection Security Vulnerabilities ? Exploit Title: NetCat CMS 3.12 /catalog/search.php? q Parameter HTML Injection Security Vulnerabilities Product: NetCat CMS (Content Management System) Vendor: NetCat Vulnerable Versions: 3.12 3.0 2.4 2.3…

Posted in IT Computer & Web | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment