Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: Feed2JS v1.7 magpie_debug.php? &url parameter XSS Security Vulnerabilities Product: Feed2JS Vendor: feed2js.org Vulnerable Versions: v1.7 Tested Version: v1.7 Advisory Publication: May 09, 2015 Latest Update: May 09, 2015 Vulnerability… Continue Reading

CVE-2015-2563, CVE-2008-4157 (Part) – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities

CVE-2015-2563, CVE-2008-4157 (Part) – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities   Exploit Title: CVE-2015-2563 Vastal I-tech phpVID /groups.php Multiple Parameters SQL Injection Web Security Vulnerabilities Product: phpVID Vendor: Vastal I-tech Vulnerable Versions: 1.2.3 0.9.9 Tested Version: 1.2.3… Continue Reading

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities Exploit Title: CVE-2015-2349 – SuperWebMailer /defaultnewsletter.php” HTMLForm Parameter XSS Web Security Vulnerabilities Product: SuperWebMailer Vendor: SuperWebMailer Vulnerable Versions: 5.*.0.*   4.*.0.* Tested Version: 5.*.0.*   4.*.0.* Advisory Publication: March 11,… Continue Reading

CVE-2015-2209 – DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities

  CVE-2015-2209 – DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities Exploit Title: DLGuard “/index.php?” “&c” parameter Full Path Disclosure Web Security Vulnerabilities Product: DLGuard Vendor: DLGuard Vulnerable Versions: v4.5 Tested Version: v4.5 Advisory Publication: January 18, 2015 Latest… Continue Reading

CVE-2014-9557 SmartCMS Multiple XSS (Cross-Site Scripting) Security Vulnerability

CVE-2014-9557 SmartCMS Multiple XSS (Cross-Site Scripting) Security Vulnerability   Exploit Title: Smartwebsites SmartCMS v.2 Multiple XSS Security Vulnerabilities Product: SmartCMS v.2 Vendor: Smartwebsites Vulnerable Versions: v.2 Tested Version: v.2 Advisory Publication: Jan 22, 2015 Latest Update: Jan 22, 2015 Vulnerability… Continue Reading

Yahoo and Yahoo Japan May be Vulnerable to Spams

  Yahoo and Yahoo Japan May be Vulnerable to Spams   Student security researcher Wang Jing from School of Physical and Mathematical Sciences at Nanyang Technological University, Singapore, has found new security vulnerabilities related to Yahoo. After reporting several Open… Continue Reading

76.3% WEATHER CHANNEL WEBSITE LINKS VULNERABLE TO REFLECTED CROSS-SITE SCRIPTING (XSS)

Popular Weather Channel web site (Weather.com) has been found to be vulnerable to a reflected Cross-Site Scripting flaw, according to security researcher Wang Jing’s research. The vulnerability lies in that Weather.com does not filter malicious script codes when constructing HTML… Continue Reading

Articles of New York Times Before 2013 May Vulnerable to XSS Attacks

  New York Times articles’ pages dated before 2013 may suffer from an XSS (Cross-site Scripting) vulnerability, according to the report posted by security researcher Wang Jing. Wang is a mathematics Ph.D student from School of Physical and Mathematical Sciences,… Continue Reading