VuFind 1.0 Reflected XSS (Cross-site Scripting) Application 0-Day Web Security Bug

VuFind 1.0 Reflected XSS (Cross-site Scripting) Application 0-Day Web Security Bug   Exploit Title: VuFind Results? &lookfor parameter Reflected XSS Web Security Vulnerability Product: VuFind Vendor: VuFind Vulnerable Versions: 1.0 Tested Version: 1.0 Advisory Publication: September 20, 2015 Latest Update:… Continue Reading

PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web Application 0-Day Bug

PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web Application 0-Day Bug   Exploit Title: PhotoPost PHP __utmz Cookie Stored XSS Web Security Vulnerability Product: PhotoPost PHP Vendor: PhotoPost Vulnerable Versions: 4.8c  4.8.6  4.8.5  4.8.2  3.1.1  vB3 Tested Version:… Continue Reading

CVE-2015-4135 phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

CVE-2015-4135 phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: phpwind v8.7 goto.php? &url Parameter XSS Security Vulnerabilities Product: phpwind Vendor: phpwind Vulnerable Versions: v8.7 Tested Version: v8.7 Advisory Publication: May 25, 2015 Latest Update: May 25, 2015… Continue Reading