CVE-2015-4135 phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

CVE-2015-4135 phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: phpwind v8.7 goto.php? &url Parameter XSS Security Vulnerabilities Product: phpwind Vendor: phpwind Vulnerable Versions: v8.7 Tested Version: v8.7 Advisory Publication: May 25, 2015 Latest Update: May 25, 2015… Continue Reading

SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities

SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: SITEFACT CMS content.php? &id Parameter XSS Security Vulnerabilities Product: SITEFACT CMS (Content Management System) Vendor: SITEFACT Vulnerable Versions: version 2.01 Tested Version: version 2.01 Advisory Publication: May 24, 2015… Continue Reading

CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities

  CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities   Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02,… Continue Reading

CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities

CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities   Exploit Title: InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities Product: InstantForum.NET Vendor: InstantASP Vulnerable Versions: v4.1.3   v4.1.1   v4.1.2   v4.0.0   v4.1.0   v3.4.0 Tested Version: v4.1.3… Continue Reading

CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities

CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities   Exploit Title: vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities Product: vBulletin Forum Vendor: vBulletin Vulnerable Versions: 5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4 Tested Version: 5.1.3 4.2.2 Advisory Publication: February 12,… Continue Reading

CVE-2015-1475 – My Little Forum Multiple XSS Security Vulnerabilities

  CVE-2015-1475  – My Little Forum Multiple XSS Web Security Vulnerabilities   Exploit Title: My Little Forum Multiple XSS Web Security Vulnerabilities Vendor: My Little Forum Product: My Little Forum Vulnerable Versions: 2.3.3  2.2  1.7 Tested Version: 2.3.3  2.2  1.7… Continue Reading

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Web Security Vulnerabilities

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Security Vulnerabilities   Vulnerability Description: About.com all “topic sites” are vulnerable to XSS (Cross-Site Scripting) and Iframe Injection (Cross Frame… Continue Reading

CVE-2014-7294 NYU OpenSSO Integration Open Redirect Security Vulnerability

CVE-2014-7294 NYU OpenSSO Integration 2.1 Dest Privilege Escalation Web Security Vulnerability       Exploit Title: NYU OpenSSO Integration Logon Page url Parameter Open Redirect Product: OpenSSO Integration Vendor: NYU Vulnerable Versions: 2.1 and probability prior Tested Version: 2.1 Advisory Publication: December 14, 2014… Continue Reading

CVE-2014-7293 NYU OpenSSO Integration XSS (Cross-Site Scripting) Security Vulnerability

  CVE-2014-7293  NYU OpenSSO Integration XSS (Cross-Site Scripting) Web Security Vulnerability         Exploit Title: NYU OpenSSO Integration Logon Page url Parameter XSS Product: OpenSSO Integration Vendor: NYU  Vulnerable Versions: 2.1 and probability prior Tested Version: 2.1 Advisory… Continue Reading