7736 matches found
youtube-trends.blogspot.ro XSS vulnerability
Vulnerable URL: http://youtube-trends.blogspot.ro/search?q=%3C/script%3E%3Cscript%3Ealert%28%27+XSSPOSED%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 17.05.2016 Latest check for patch:| 17.05.2016 17:45 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
youtube-trends.blogspot.ch XSS vulnerability
Vulnerable URL: http://youtube-trends.blogspot.ch/search?q=%3C/script%3E%3Cscript%3Ealert%28%27+XSSPOSED%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 17.05.2016 Latest check for patch:| 17.05.2016 17:44 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
youtube-trends.blogspot.in XSS vulnerability
Vulnerable URL: http://youtube-trends.blogspot.in/search?q=%3C/script%3E%3Cscript%3Ealert%28%27+XSSPOSED%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 17.05.2016 Latest check for patch:| 17.05.2016 17:41 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
youtube-trends.blogspot.com.br XSS vulnerability
Vulnerable URL: http://youtube-trends.blogspot.com.br/search?q=%3C/script%3E%3Cscript%3Ealert%28%27+XSSPOSED%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 17.05.2016 Latest check for patch:| 17.05.2016 17:42 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
youtube-trends.blogspot.com.ar XSS vulnerability
Vulnerable URL: http://youtube-trends.blogspot.com.ar/search?q=%3C/script%3E%3Cscript%3Ealert%28%27+XSSPOSED%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 17.05.2016 Latest check for patch:| 17.05.2016 17:43 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
moreover.com XSS vulnerability
Vulnerable URL: http://moreover.com/blog/?s=%22%3E%3C/script%3E%3Csvg%20onload=alert%28%27XSSPOSED%27%29;%3E Details: Description| Value ---|--- Patched:| Yes, at 10.03.2017 Latest check for patch:| 10.03.2017 14:52 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...
SQL Buddy 1.3.3 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: SQL Buddy 1.3.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 08/18/2015 Disclosed to public: 10/07/2015 Release...
Daily Mail Unvalidated Redirect / Cross Site Scripting
Daily Mail Registration Page Unvalidated Redirects and Forwards & XSS Web Security Problem Website Description: "The Daily Mail is a British daily middle-market tabloid newspaper owned by the Daily Mail and General Trust. First published in 1896 by Lord Northcliffe, it is the United Kingdom's...
pixnet.net XSS vulnerability
Vulnerable URL: https://www.pixnet.net/blog Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 93 Google Pagerank| 7 VIP website status:| Yes Check pixnet.net SSL connection:| Grade: A...
moz.com XSS vulnerability
Vulnerable URL: https://moz.com/blog/category/advanced-seo?x" Details: Description| Value ---|--- Patched:| Yes, at 23.11.2017 Latest check for patch:| 23.11.2017 09:03 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1036 Google Pagerank| 6 VIP website status:|...
doomby.com XSS vulnerability
Vulnerable URL: http://www.doomby.com/blog/do/search?q=%3C/title%3E%3Cimg%20src=x%20onerror=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 21.11.2015 Latest check for patch:| 21.11.2015 22:00 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
Pligg CMS 2.0.2 - Directory Traversal
Pligg CMS 2.0.2 - Directory Traversal Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor:...
Pligg CMS 2.0.2 - Cross-Site Request Forgery Code Execution
Pligg CMS 2.0.2 - Cross-Site Request Forgery Code Execution Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: Code Execution & CSRF Remote Exploitable: Yes...
tvblog.it XSS vulnerability
Vulnerable URL: http://www.tvblog.it/cerca/%27%7D;alert%28%27XSSPOSED%27%29;lol=%7Blol:%27lol Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 26918 Google Pagerank| 5 VIP website...
October 2015 Oracle Critical Patch Update
Oracle on Tuesday patched 154 vulnerabilities in 54 different products as part of its regularly scheduled Critical Patch Update. More than half of the patches, 84 to be exact, address vulnerabilities that Oracle claims may be remotely exploitable without authentication. Java SE is responsible for...
Zpanel - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/phpexe' require 'nokogiri' require 'uri' class Metasploit3 'Zpanel Remote Unauthenticated RCE', 'Description' = %q This modul...
Radancy: XSS risk reduction with X-XSS-Protection: 1; mode=block header
As you can read for example on this Microsoft blog http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx: " ... X-XSS-Protection: 1; mode=block When this token is present, if a potential XSS Reflection attack...
Hackers Backdooring Cisco WebVPN To Steal Customers’ Passwords
Virtual Private Networks VPNs, which is widely used by many businesses and organisations to provide secure access to their workers, are being abused to pilfer corporate user credentials. Researchers from security firm Volexity discovered a new attack campaign that targets a widely used VPN produc...
Microsoft has Built its own Linux Operating System
Sit Tight on your seats, because you're gonna get a Shock. Microsoft has developed an Operating System powered by LINUX. Close your mouth first. It’s True! Microsoft has built its own Linux-based operating system called Azure Cloud Switch ACS and believe me, under Satya Nadella, Microsoft has...
SQL Injection Vulnerability in Qibo Blog System
Zibo Blog System is a multi-user blog system. There is a SQL injection leak in the Qibo Blog System. The SQL injection vulnerability is caused due to uninitialized $TBpre in the '/blog/template/space/file/listbbs.php' function, which is registered according to a pseudo-global variable in the Qibo...