CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities

  CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities   Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02,… Continue Reading

CVE-2015-2563, CVE-2008-4157 (Part) – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities

CVE-2015-2563, CVE-2008-4157 (Part) – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities   Exploit Title: CVE-2015-2563 Vastal I-tech phpVID /groups.php Multiple Parameters SQL Injection Web Security Vulnerabilities Product: phpVID Vendor: Vastal I-tech Vulnerable Versions: 1.2.3 0.9.9 Tested Version: 1.2.3… Continue Reading

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities Exploit Title: CVE-2015-2349 – SuperWebMailer /defaultnewsletter.php” HTMLForm Parameter XSS Web Security Vulnerabilities Product: SuperWebMailer Vendor: SuperWebMailer Vulnerable Versions: 5.*.0.*   4.*.0.* Tested Version: 5.*.0.*   4.*.0.* Advisory Publication: March 11,… Continue Reading

CVE-2015-2209 – DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities

  CVE-2015-2209 – DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities Exploit Title: DLGuard “/index.php?” “&c” parameter Full Path Disclosure Web Security Vulnerabilities Product: DLGuard Vendor: DLGuard Vulnerable Versions: v4.5 Tested Version: v4.5 Advisory Publication: January 18, 2015 Latest… Continue Reading

The Weather Channel weather.com Almost All Links Vulnerable to XSS Attacks

The Weather Channel at Least 76.3% Links Vulnerable to XSS Attacks     Domain Description: http://www.weather.com/   “The Weather Channel is an American basic cable and satellite television channel which broadcasts weather forecasts and weather-related news and analyses, along with… Continue Reading

GetPocket getpocket.com CSRF (Cross-Site Request Forgery ) Web Security Vulnerability

  GetPocket getpocket.com CSRF (Cross-Site Request Forgery ) Web Security Vulnerability   Domain: getpocket.com “Pocket was founded in 2007 by Nate Weiner to help people save interesting articles, videos and more from the web for later enjoyment. Once saved to… Continue Reading