Lucene search
K

853 matches found

The Hacker News
The Hacker News
added 2014/10/08 9:19 p.m.19 views

SQL Injection Vulnerability in 'Yahoo! Contributors Network'

Yahoo! Contributors Network contributor.yahoo.com, the network of authors that generated the contents such as photographs, videos, articles and their knowledge to more than 600 million monthly visitors, was vulnerable to a Time based Blind SQL Injection vulnerability. Behrouz Sadeghipour, a...

8.4AI score
Exploits0
NVD
NVD
added 2014/07/01 2:55 p.m.13 views

CVE-2014-4533

Cross-site scripting XSS vulnerability in ajaxfunctions.php in the GEO Redirector plugin 1.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the hidid parameter...

4.3CVSS5.8AI score0.01629EPSS
Exploits1References1
Prion
Prion
added 2014/07/01 2:55 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in ajaxfunctions.php in the GEO Redirector plugin 1.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the hidid parameter...

4.3CVSS6.3AI score0.01629EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/07/01 2:0 p.m.17 views

CVE-2014-4533

Cross-site scripting XSS vulnerability in ajaxfunctions.php in the GEO Redirector plugin 1.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the hidid parameter...

5.8AI score0.01629EPSS
Exploits1References1
Patchstack
Patchstack
added 2014/06/23 12:0 a.m.17 views

WordPress GEO Redirect Plugin <= 1.0.1 - XSS

Because of this vulnerability in ajaxfunctions.php, the attackers can inject arbitrary web script or HTML via the "hidid" parameter. Solution Update the plugin...

4.3CVSS2.9AI score0.01629EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/04/25 12:0 a.m.17 views

Geo Redirector <= 1.0.1 - XSS

Plugin is still affected and has been closed...

4.3CVSS2.4AI score0.01629EPSS
Exploits1References1Affected Software1
The Hacker News
The Hacker News
added 2014/02/19 11:24 p.m.11 views

Tinder Online Dating app vulnerability revealed Exact Location of Users

Using Popular Online Dating app - Tinder on iPhone?? Then you are at significant risk that exposed members' private information without their knowledge. Online Dating app Tinder, available for the iPhone from the app store, has become incredibly popular in the past few months. Tinder app allows y...

6.7AI score
Exploits0
0day.today
0day.today
added 2014/02/19 12:0 a.m.19 views

osCommerce v2.x SQL Injection Vulnerability

Exploit for php platform in category web applications Title: osCommerce v2.x SQL Injection Vulnerability Dork: Powered by osCommerce Author: Ahmed Aboul-Ela Contact: ahmed.aboul3laatgmaildotcom - http://twitter.com/secgeek Vendor : http://www.oscommerce.com Version: v2.3.3.4 current latest releas...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/01/20 11:19 p.m.18 views

[IPhone Analyzer] IPhone Forensics Tool

iPhone Analzyer allows you to forensically examine or recover date from in iOS device. It principally works by importing backups produced by iTunes or third party software, and providing you with a rich interface to explore, analyse and recover data in human readable formats. Because it works fro...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2013/12/04 2:0 p.m.9 views

Two Million stolen Facebook, Twitter login credentials found on 'Pony Botnet' Server

Security researchers at Trustwave's SpiderLabs found a Netherlands-based Pony Botnet Controller Server with almost two Million usernames and passwords, stolen by cybercriminals from users of Facebook, Twitter, Google, Yahoo and other websites. In a blog post, the researchers mentioned that after...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2013/06/21 12:44 p.m.20 views

New Dirt Jumper Variant 'Drive' More Refined Than Original

Researchers have detected new attacks originating from a souped-up variant of the DIY Dirt Jumper DDoS toolkit they’ve taken to calling Drive. While it hasn’t been seen spreading through any underground forums yet, the up-and-coming threat apparently boasts a “much more powerful DDoS engine than...

0.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2013/06/17 11:42 a.m.10 views

Apple Fields Data Requests for 10,000 Users Accounts

Since December, U.S. law enforcement agencies have made between 4,000 and 5,000 requests for customer data from Apple on as many 10,000 user accounts, the company said in a statement released last night. Apple said in the wake of allegations that it participates in feeding the U.S. government...

Exploits0References6
ThreatPost
ThreatPost
added 2013/01/16 4:53 p.m.12 views

Precision Bouncer List Phishing Kits Keep Targets Inside the Ropes

Just when you thought phishers had exhausted all avenues of innovation, a new tactic has emerged in attacks against financial institutions bringing the level of targeting and geo-filtering to precise new levels. Dubbed bouncer list phishing by RSA Security, these attack kits are built off stolen...

7AI score
Exploits0References3
The Hacker News
The Hacker News
added 2013/01/15 10:49 a.m.45 views

Operation Red October : Cyber Espionage campaign against many Governments

A new sensational discovered has been announced by Kaspersky Lab's Global Research & Analysis Team result of an investigation after several attacks hit computer networks of various international diplomatic service agencies. A new large scale cyber-espionage operation has been discovered, named Re...

9.3CVSS7.1AI score0.99966EPSS
Exploits35
Kitploit
Kitploit
added 2013/01/12 5:55 p.m.31 views

Video Beef - Get Protocols And Geolocation

How to get protocols and geo-location using BeEF Browser Exploitation Framework. This attack will require Java. In GeoLocation you will get almost full address and latitude and longitude and find the perfect location using Google Map...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2012/11/12 6:45 p.m.33 views

Low: Red Hat Security Advisory: Red Hat Storage 2.0 security, bug fix, and enhancement update #3

Updated glusterfs packages that fix multiple security issues, several bugs, and contain enhancements are now available for Red Hat Storage 2.0. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which give...

3.6CVSS5.9AI score0.00336EPSS
Exploits0References10
The Hacker News
The Hacker News
added 2012/10/30 8:2 p.m.44 views

Researchers caught espionage malware mastermind on webcam

In march 2011 CERT-Georgia has Discovered Cyber Espionage Attack Incident on country of Georgia. Advanced Malicious Software was Collecting Sensitive, Confidential Information about Georgian and American Security Documents and then uploading it to some of Command and Control Servers. After a...

9.3CVSS6.9AI score0.77721EPSS
Exploits18
Packet Storm
Packet Storm
added 2012/10/17 12:0 a.m.81 views

Unirgy uStoreLocator Magento Extension SQL Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: SQL Injection product: Unirgy uStoreLocator - Magento extension vulnerable version: =2.0.1 impact: High homepage: http://www.unirgy.com/ found: 2012-06-18 by: K...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2012/10/13 6:57 p.m.6 views

FBI Warning : New Malware attacking Android smartphones

Users should be aware that Cyber criminals are finding new ways to install malicious software on devices. The latest threat to Android phone users, according to the FBI, is a "work-at-home opportunity that promises a profitable payday just for sending out email." The IC3 has been made aware of...

6.7AI score
Exploits0
n0where
n0where
added 2012/08/08 7:53 p.m.28 views

Wireless Security Auditing: Fern Wifi Cracker

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library , the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks Fer...

0.4AI score
Exploits0
Rows per page
Query Builder