dateline-saigon.com Cross Site Scripting vulnerability OBB-3286050

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

EasyTalk任意用户密码重置

简要描述： EasyTalk任意用户密码重置 详细说明： EasyTalk的用户密码重置功能存在重大缺陷，可重置任意用户密码。 我们看看发送的重置密码的链接： 打开此链接，容易看出使用base64编码，解码看看内容： 尽然是：username，mailadres，userid，dateline 那么，我们把这些参数改了就可以修改任意用户的密码了。 注意上述参数的内容，除了mailadres不能直接得到外，其他参数都可以直接从站内得到。 mailadres也是很容易得到的。 我们测试如下账户，修改如下： 成功重置了admin的密码：...

Online Banking Threats, Circa 1999

In this Dateline NBC video from 1999, experts, including an unnamed Chris Wysopal, then of the L0pht, now of Veracode, discuss the dangers of online banking and the use of Trojans to steal data. Everything old is new again...

mybb v1.1.1(showthread.php) SQL Injection Exploit

---------------------------------- foud by: Breeeeh Site: http://www.alshmokh.com Email: [email protected] ---------------------------------- $query = $db-query"SELECT pid FROM ".TABLEPREFIX."posts WHERE tid='$tid' $visible ORDER BY dateline LIMIT $start, $perpage"; while$getid =...