99 matches found
faro-consultancy.nl XSS vulnerability
Open Bug Bounty ID: OBB-515693 Description| Value ---|--- Affected Website:| faro-consultancy.nl Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...
vietnamese-law-consultancy.com XSS vulnerability
Vulnerable URL: http://www.vietnamese-law-consultancy.com/advancedsearch.php?search=keyword=all=13'"7=a=======7 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 10847320 VIP website...
Fixed in Apache Tomcat 8.0.44
Important: Security Constraint Bypass CVE-2017-5664 The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...
Fixed in Apache Tomcat 7.0.78
Important: Security Constraint Bypass CVE-2017-5664 The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...
Fixed in Apache Tomcat 9.0.0.M21
Important: Security Constraint Bypass CVE-2017-5664 The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...
Fixed in Apache Tomcat 8.5.15
Important: Security Constraint Bypass CVE-2017-5664 The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...
New .Secure Global TLD Proposed
A group of security experts is working to put together a new global TLD that will require companies and individuals applying for domains to adhere to strict security policies and requirements. The proposed .secure TLD is intended to be a known safe group of domains and would include mandatory use...
zSecure - Web Security Consultancy Hacked by Mr52
zSecure - Web Security Consultancy Hacked by Mr52 ZSecure.net - Web Security Consultancy services Provider hacked by Indian Hacker Mr52. Zsecure is the same firm who expose the Timesofmoney SQL Injection Vulnerability, Sify.com SQL Injection Vulnerability and Dukascopy.com SQL Injection...
zSecure - Web Security Consultancy Hacked by Mr52
zSecure - Web Security Consultancy Hacked by Mr52 ZSecure.net - Web Security Consultancy services Provider hacked by Indian Hacker Mr52. Zsecure is the same firm who expose the Timesofmoney SQL Injection Vulnerability, Sify.com SQL Injection Vulnerability and Dukascopy.com SQL Injection...
Unfixed XSS vulnerability at jobs.icsconsultancy.com
Security researcher AbSoluTeZeRo, has submitted on 07/07/2011 a cross-site-scripting XSS vulnerability affecting jobs.icsconsultancy.com, which at the time of submission ranked 683417 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/12/2011. ...
India's leading IT companies TCS (Tata Consultancy Services) & Tech Mahindra is also not Secure !
India's leading IT companies TCS Tata Consultancy Services & Tech Mahindra is also not Secure ! Here are some proofs submitted to THN : The Hacker News by a Indian hacker - THEDREAMBOY , as shown below , which can easily prove that , YES ! India's leading IT companies TCS Tata Consultancy Service...
IT Consultancy Defrauded of $100K
A New Hampshire-based IT consultancy lost nearly $100,000 this month after thieves broke into the company’s bank accounts with the help of 10 co-conspirators across the United States. Read the full article. KrebsonSecruity...
[GSEC-TZO-45-2009] iPhone remote code execution
Fell quite behind on this one, here it is. Phone &iPod Touch - Remote arbritary code execution Reference : GSEC-TZO-45-2009 - iPhone remote arbritary code execution WWW : http://www.g-sec.lu/iphone-remote-code-exec.html CVE : CVE-2009-1698 BID : 35318 Credit : http://support.apple.com/kb/HT3639...
Tuned Studios Templates - Local File Inclusion
Tuned Studios Templates - Local File Inclusion Digital Security Research Group DSecRG Advisory DSECRG08-001 Application: Tuned Studios Templates Versions Affected: All Vendor URL: http:/www.tunedstudios.com Bug: Local File Include Exploits: YES Reported: 09.01.2008 Date of Public Advisory:...
jetboxcms21-xss.txt
netVigilance Security Advisory 29 Jetbox CMS version 2.1 XSS Attack Vulnerability Description: Jetbox CMS is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully separated from layout. It uses p...
[Full-disclosure] Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities
netVigilance Security Advisory 27 Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities Description: Jetbox CMS is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully separated from...
[Full-disclosure] Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities
netVigilance Security Advisory 28 Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities Description: Jetbox CMS is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully separated from...
Jetbox CMS version 2.1 E-Mail Injection Vulnerability
netVigilance Security Advisory 26 Jetbox CMS version 2.1 E-Mail Injection Vulnerability Description: Jetbox content management system is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully...
[Full-disclosure] [ Suresec Advisories ] - Several MacOS X vulnerabilities
Buffer overflow in ping and traceroute. Vulnerability summary: The ping and traceroute programs used in Mac OS X are vulnerable to a buffer overflow when resolving a hostname. In the case of ping a hostname gets copied into a static buffer which is 80 bytes long. For traceroute the hostname gets...