CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Security Vulnerabilities

CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Web Security Vulnerabilities Exploit Title: OptimalSite CMS /display_dialog.php image Parameter XSS Web Security Vulnerability Vendor: OptimalSite Product: OptimalSite Content Management System (CMS) Vulnerable Versions: V.1 V2.4 Tested Version: V.1 V2.4 Advisory… Continue Reading

CVE-2014-9558 SmartCMS Multiple SQL Injection Security Vulnerability

CVE-2014-9558 SmartCMS Multiple SQL Injection Security Vulnerability       Exploit Title: Smartwebsites SmartCMS v.2 Multiple SQL Injection Security Vulnerabilities Product: SmartCMS v.2 Vendor: Smartwebsites Vulnerable Versions: v.2 Tested Version: v.2 Advisory Publication: Jan 22, 2015 Latest Update: Jan 22,… Continue Reading

76.3% WEATHER CHANNEL WEBSITE LINKS VULNERABLE TO REFLECTED CROSS-SITE SCRIPTING (XSS)

Popular Weather Channel web site (Weather.com) has been found to be vulnerable to a reflected Cross-Site Scripting flaw, according to security researcher Wang Jing’s research. The vulnerability lies in that Weather.com does not filter malicious script codes when constructing HTML… Continue Reading

CVE-2014-7290 Atlas Systems Aeon XSS (Cross-Site Scripting) Vulnerability

CVE-2014-7290  Atlas Systems Aeon XSS (Cross-Site Scripting) Vulnerability Exploit Title: Atlas Systems Aeon XSS Vulnerability Product: Aeon Vendor: Atlas Systems Vulnerable Versions: 3.6 3.5 Tested Version: 3.6 Advisory Publication: Nov 12, 2014 Latest Update: Nov 12, 2014 Vulnerability Type: Cross-Site… Continue Reading

The New York Times(Nytimes.com) Covert Redirect Web Security Bug Based on Google Doubleclick.net

                    (1) WebSite: nytimes.com “The New York Times (NYT) is an American daily newspaper, founded and continuously published in New York City since September 18, 1851, by the New York Times… Continue Reading

Google Online Service OpenID Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

    Google Online Service OpenID Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: google.com   “Google has been estimated to run more than one million servers in data centers around the world (as of 2007).… Continue Reading

Internet Users Threatened by New Security Flaw, Covert Redirect

  A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed “Covert Redirect” by its discoverer, exists in two open-source… Continue Reading