TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks

TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks Website Description: http://www.telegraph.co.uk   “The Daily Telegraph is a British daily morning English-language broadsheet newspaper, published in London by Telegraph Media Group and distributed throughout the United Kingdom… Continue Reading

VuFind 1.0 Reflected XSS (Cross-site Scripting) Application 0-Day Web Security Bug

VuFind 1.0 Reflected XSS (Cross-site Scripting) Application 0-Day Web Security Bug   Exploit Title: VuFind Results? &lookfor parameter Reflected XSS Web Security Vulnerability Product: VuFind Vendor: VuFind Vulnerable Versions: 1.0 Tested Version: 1.0 Advisory Publication: September 20, 2015 Latest Update:… Continue Reading

Winmail Server 4.2 Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug

Winmail Server 4.2 Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug     Exploit Title: Winmail Server badlogin.php &lid parameter Reflected XSS Web Security Vulnerability Product: Winmail Server Vendor: Winmail Server Vulnerable Versions: 4.2   4.1 Tested Version: 4.2… Continue Reading

KnowledgeTree OSS 3.0.3b Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug

KnowledgeTree OSS 3.0.3b Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug   Exploit Title: KnowledgeTree login.php &errorMessage parameter Reflected XSS Web Security Vulnerability Product: Knowledge Tree Document Management System Vendor: Knowledge Inc Vulnerable Versions: OSS 3.0.3b Tested Version: OSS… Continue Reading

PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web Application 0-Day Bug

PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web Application 0-Day Bug   Exploit Title: PhotoPost PHP __utmz Cookie Stored XSS Web Security Vulnerability Product: PhotoPost PHP Vendor: PhotoPost Vulnerable Versions: 4.8c  4.8.6  4.8.5  4.8.2  3.1.1  vB3 Tested Version:… Continue Reading

FC2 & Rakuten Online Websites Multiple XSS (Cross-site Scripting) and Open Redirect Cyber Vulnerabilities

FC2 & Rakuten Online Websites Multiple XSS (Cross-site Scripting) and Open Redirect Cyber Vulnerabilities    FC2 and Rakuten are the first and second top ranking Japanese local online websites. This article introduces several XSS (Cross-site Scripting) and Open Redirect bugs… Continue Reading

FC2 fc2.com Online Website URLs XSS (cross site scripting) Vulnerabilities (All URLs Under Domain blog.fc2.com/tag)

FC2 fc2.com Online Website URLs XSS (cross site scripting) Vulnerabilities (All URLs Under Domain blog.fc2.com/tag)   Domain: blog.fc2.com/ “FC2 (founded July 20, 1999) is a popular Japanese blogging host, the third most popular video hosting service in Japan (after YouTube… Continue Reading

Rakuten Website Search Page XSS (cross site scripting) Web Security Vulnerability

Rakuten Website Search Page XSS (cross site scripting) Web Security Vulnerability Domain: www.rakuten.de/ “Rakuten, Inc. (楽天株式会社 Rakuten Kabushiki-gaisha?) is a Japanese electronic commerce and Internet company based in Tokyo, Japan. Its B2B2C e-commerce platform Rakuten Ichiba is the largest e-commerce… Continue Reading