FC2 & Rakuten Online Websites Multiple XSS (Cross-site Scripting) and Open Redirect Cyber Vulnerabilities

FC2 & Rakuten Online Websites Multiple XSS (Cross-site Scripting) and Open Redirect Cyber Vulnerabilities    FC2 and Rakuten are the first and second top ranking Japanese local online websites. This article introduces several XSS (Cross-site Scripting) and Open Redirect bugs… Continue Reading

FC2 fc2.com Online Website URLs XSS (cross site scripting) Vulnerabilities (All URLs Under Domain blog.fc2.com/tag)

FC2 fc2.com Online Website URLs XSS (cross site scripting) Vulnerabilities (All URLs Under Domain blog.fc2.com/tag)   Domain: blog.fc2.com/ “FC2 (founded July 20, 1999) is a popular Japanese blogging host, the third most popular video hosting service in Japan (after YouTube… Continue Reading

SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities

SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: SITEFACT CMS content.php? &id Parameter XSS Security Vulnerabilities Product: SITEFACT CMS (Content Management System) Vendor: SITEFACT Vulnerable Versions: version 2.01 Tested Version: version 2.01 Advisory Publication: May 24, 2015… Continue Reading

OSVDB 119342, 119323 NetCat CMS Multiple HTTP Response Splitting (CRLF) Web Security Vulnerabilities

  OSVDB 119342, 119323 NetCat CMS Multiple HTTP Response Splitting (CRLF) Web Security Vulnerabilities   Exploit Title: NetCat CMS Multiple CRLF Security Vulnerabilities Product: NetCat CMS (Content Management System) Vendor: NetCat Vulnerable Versions: 5.01 3.12 3.0 2.4 2.3 2.2 2.1… Continue Reading

CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities

CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities   Exploit Title: InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities Product: InstantForum.NET Vendor: InstantASP Vulnerable Versions: v4.1.3   v4.1.1   v4.1.2   v4.0.0   v4.1.0   v3.4.0 Tested Version: v4.1.3… Continue Reading

CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities

CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities   Exploit Title: vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities Product: vBulletin Forum Vendor: vBulletin Vulnerable Versions: 5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4 Tested Version: 5.1.3 4.2.2 Advisory Publication: February 12,… Continue Reading

CVE-2015-1475 – My Little Forum Multiple XSS Security Vulnerabilities

  CVE-2015-1475  – My Little Forum Multiple XSS Web Security Vulnerabilities   Exploit Title: My Little Forum Multiple XSS Web Security Vulnerabilities Vendor: My Little Forum Product: My Little Forum Vulnerable Versions: 2.3.3  2.2  1.7 Tested Version: 2.3.3  2.2  1.7… Continue Reading

CVE-2014-7294 NYU OpenSSO Integration Open Redirect Security Vulnerability

CVE-2014-7294 NYU OpenSSO Integration 2.1 Dest Privilege Escalation Web Security Vulnerability       Exploit Title: NYU OpenSSO Integration Logon Page url Parameter Open Redirect Product: OpenSSO Integration Vendor: NYU Vulnerable Versions: 2.1 and probability prior Tested Version: 2.1 Advisory Publication: December 14, 2014… Continue Reading

CVE-2014-7293 NYU OpenSSO Integration XSS (Cross-Site Scripting) Security Vulnerability

  CVE-2014-7293  NYU OpenSSO Integration XSS (Cross-Site Scripting) Web Security Vulnerability         Exploit Title: NYU OpenSSO Integration Logon Page url Parameter XSS Product: OpenSSO Integration Vendor: NYU  Vulnerable Versions: 2.1 and probability prior Tested Version: 2.1 Advisory… Continue Reading

CVE-2014-8489 Ping Identity Corporation “PingFederate 6.10.1 SP Endpoints” Dest Redirect Privilege Escalation Security Vulnerability

  CVE-2014-8489 Ping Identity Corporation “PingFederate 6.10.1 SP Endpoints” Open Redirect Web Security Vulnerability   Exploit Title: “Ping Identity Corporation” “PingFederate 6.10.1 SP Endpoints” Dest Redirect Privilege Escalation Web Security Vulnerability Product: PingFederate 6.10.1 SP Endpoints Vendor: Ping Identity Corporation… Continue Reading