CVE-2015-4134 phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities

CVE-2015-4134  phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities   Exploit Title: phpwind v8.7 goto.php? &url Parameter Open Redirect Security Vulnerabilities Product: phpwind Vendor: phpwind Vulnerable Versions: v8.7 Tested Version: v8.7 Advisory Publication: May 25, 2015 Latest Update: May… Continue Reading

Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: Feed2JS v1.7 magpie_debug.php? &url parameter XSS Security Vulnerabilities Product: Feed2JS Vendor: feed2js.org Vulnerable Versions: v1.7 Tested Version: v1.7 Advisory Publication: May 09, 2015 Latest Update: May 09, 2015 Vulnerability… Continue Reading

CVE-2015-2242 – Webshop hun v1.062S SQL Injection Web Security Vulnerabilities

CVE-2015-2242 – Webshop hun v1.062S SQL Injection Web Security Vulnerabilities Exploit Title: CVE-2015-2242 Webshop hun v1.062S /index.php Multiple Parameters SQL Injection Web Security Vulnerabilities Product: Webshop hun Vendor: Webshop hun Vulnerable Versions: v1.062S Tested Version: v1.062S Advisory Publication: Mar 04,… Continue Reading

Facebook Old Generated URLs Still Vulnerable to Open Redirect Attacks & A New Open Redirect Web Security Bugs

Facebook Old Generated URLs Still Vulnerable to Open Redirect Attacks & A New Open Redirect Web Security Bugs Domain: http://www.facebook.com “Facebook is an online social networking service headquartered in Menlo Park, California. Its website was launched on February 4, 2004,… Continue Reading

CVE-2014-9557 SmartCMS Multiple XSS (Cross-Site Scripting) Security Vulnerability

CVE-2014-9557 SmartCMS Multiple XSS (Cross-Site Scripting) Security Vulnerability   Exploit Title: Smartwebsites SmartCMS v.2 Multiple XSS Security Vulnerabilities Product: SmartCMS v.2 Vendor: Smartwebsites Vulnerable Versions: v.2 Tested Version: v.2 Advisory Publication: Jan 22, 2015 Latest Update: Jan 22, 2015 Vulnerability… Continue Reading

Yahoo and Yahoo Japan May be Vulnerable to Spams

  Yahoo and Yahoo Japan May be Vulnerable to Spams   Student security researcher Wang Jing from School of Physical and Mathematical Sciences at Nanyang Technological University, Singapore, has found new security vulnerabilities related to Yahoo. After reporting several Open… Continue Reading

76.3% WEATHER CHANNEL WEBSITE LINKS VULNERABLE TO REFLECTED CROSS-SITE SCRIPTING (XSS)

Popular Weather Channel web site (Weather.com) has been found to be vulnerable to a reflected Cross-Site Scripting flaw, according to security researcher Wang Jing’s research. The vulnerability lies in that Weather.com does not filter malicious script codes when constructing HTML… Continue Reading

Google Covert Redirect Web Security Bugs Based on Googleads.g.doubleclick.net

  Bypass Google Open Redirect Filter Based on Googleads.g.doubleclick.net – Google Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net       (1) WebSite: google.com   “Google is an American multinational technology company specializing in Internet-related services and products. These include online advertising technologies,… Continue Reading

Yahoo Online Service OpenID Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Yahoo Online Service OpenID Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: yahoo.com     “Yahoo Inc. (styled as Yahoo!) is an American multinational technology company headquartered in Sunnyvale, California. It is globally known for… Continue Reading

Godaddy Online Website Covert Redirect Web Security Bugs Based on Google.com

  Godaddy Online Website Covert Redirect Web Security Bugs Based on Google.com   (1) Domain: godaddy.com     “GoDaddy is a publicly traded Internet domain registrar and web hosting company. As of 2014, GoDaddy was said to have had more… Continue Reading