FC2 fc2.com Online Website URLs XSS (cross site scripting) Vulnerabilities (All URLs Under Domain blog.fc2.com/tag)

FC2 fc2.com Online Website URLs XSS (cross site scripting) Vulnerabilities (All URLs Under Domain blog.fc2.com/tag)   Domain: blog.fc2.com/ “FC2 (founded July 20, 1999) is a popular Japanese blogging host, the third most popular video hosting service in Japan (after YouTube… Continue Reading

CVE-2015-4135 phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

CVE-2015-4135 phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: phpwind v8.7 goto.php? &url Parameter XSS Security Vulnerabilities Product: phpwind Vendor: phpwind Vulnerable Versions: v8.7 Tested Version: v8.7 Advisory Publication: May 25, 2015 Latest Update: May 25, 2015… Continue Reading

SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities

SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: SITEFACT CMS content.php? &id Parameter XSS Security Vulnerabilities Product: SITEFACT CMS (Content Management System) Vendor: SITEFACT Vulnerable Versions: version 2.01 Tested Version: version 2.01 Advisory Publication: May 24, 2015… Continue Reading

Gcon Tech Solutions v1.0 XSS (Cross-site Scripting) Web Security Vulnerabilities

Gcon Tech Solutions v1.0 XSS (Cross-site Scripting) Web Security Vulnerabilities   Exploit Title: Gcon Tech Solutions v1.0 content.php? &id Parameter XSS Security Vulnerabilities Product: Gcon Tech Solutions Vendor: Gcon Tech Solutions Vulnerable Versions: v1.0 Tested Version: v1.0 Advisory Publication: May… Continue Reading

CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities

  CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities   Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02,… Continue Reading

CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities

CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities Product: Cit-e-Access Vendor: Cit-e-Net Vulnerable Versions: Version 6 Tested Version: Version 6 Advisory Publication: February 12, 2015 Latest Update: June 01,… Continue Reading

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Web Security Vulnerabilities

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Security Vulnerabilities   Vulnerability Description: About.com all “topic sites” are vulnerable to XSS (Cross-Site Scripting) and Iframe Injection (Cross Frame… Continue Reading

CNN Travel.cnn.com XSS and Ads.cnn.com Open Redirect Web Security Vulnerabilities

  CNN Travel.cnn.com XSS and Ads.cnn.com Open Redirect Web Security Vulnerabilities   Domain: http://cnn.com   “The Cable News Network (CNN) is an American basic cable and satellite television channel that is owned by the Turner Broadcasting System division of Time… Continue Reading

All Links to New York Times Articles Prior to 2013 Vulnerable to XSS Attacks

URLs to articles in New York Times (NYT) published before 2013 have been found to be vulnerable to an XSS (cross-site scripting) attack capable of delivering code to be executed in the context of the web browser.   Based on… Continue Reading