Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites

A cross-site scripting XSS vulnerability in a virtual tour framework has been weaponized by malicious actors to inject malicious scripts across hundreds of websites with the goal of manipulating search results and fueling a spam ads campaign at scale. Security researcher Oleg Zaytsev, in a report...

Automattic: Reflected XSS on a Atavist theme

Summary: Hi team, I found Reflected XSS at a Atavist theme and there are a lot of affected websites. I don't know the theme's name but it's in use at https://magazine.atavist.com/ Just write alertdocument.domain to search field...

Google Blocks High Profile Sites After Advertising Provider NetSeer is Hacked

Google Chrome users, among others, couldn’t access some of the most popular Web sites Monday after an advertising network’s corporate Web site was injected with malware. But, according to the ad company’s chief executive, those sites were safe. Those who called up sites such as The Huffington Pos...

Osmodia Bulletin Board 1.x (admin.txt) File Disclosure Vulnerability

No description provided by source. --------------------------------------------------------- Portal Name: Osmodia Bulletin Board Version : All Version Author : PouyaServer , [email protected] Website: http://Pouya-Server.ir --------------------------------------------------------- Xpl:...