10 matches found
PayPal Bug Bounty #119 - Stored Cross Site Vulnerability
Document Title: =============== PayPal Bug Bounty 119 - Stored Cross Site Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1587 Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1587 Video: https://www.youtube.com/watch?v=S0vo9FUHo-c Vulnerabilit...
PayPal Bug Bounty #119 - Stored Cross Site Vulnerability
Document Title: =============== PayPal Bug Bounty 119 - Stored Cross Site Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1587 Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1587 Video: https://www.youtube.com/watch?v=S0vo9FUHo-c Vulnerabilit...
Critical vulnerability in Twitter allows attacker to upload Unrestricted Files
Security expert Ebrahim Hegazy, Cyber Security Analyst Consultant at Q-CERT, has found a serious vulnerability in Twitter that allows an attacker to upload files of any extension including PHP. When an application does not validate or improperly validates file types before uploading files to the...
Server Misconfiguration discloses passwords of all Barracuda Network Employees
Security expert Ebrahim Hegazy has found a Password disclosure vulnerability in Barracuda update servers which allows to gain access to employee credentials. The Egyptian information security advisor Ebrahim Hegazy@Zigoo0 has found a Password disclosure vulnerability in one of Barracuda update...
Server Misconfiguration discloses passwords of all Barracuda Network Employees
Security expert Ebrahim Hegazy has found a Password disclosure vulnerability in Barracuda update servers which allows to gain access to employee credentials. The Egyptian information security advisor Ebrahim Hegazy@Zigoo0 has found a Password disclosure vulnerability in one of Barracuda update...
Avira Analysis Web Service - SQL Injection Vulnerability
Document Title: =============== Avira Analysis Web Service - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=997 Public Video: http://www.youtube.com/watch?v=128cIzgt2EI Release Date: ============= 2013-07-07 Vulnerability...
Avira Analysis - Filter Bypass & SQL Injection Vulnerability
Document Title: =============== Avira Analysis - Filter Bypass & SQL Injection Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=998 Public Video: http://www.youtube.com/watch?v=128cIzgt2EI Advisory: http://www.vulnerability-lab.com/getcontent.php?id=997...
Avira License Cross Site Scripting
Title: ====== Avira License - Cross Site Scripting Web Vulnerability Date: ===== 2013-04-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=916 Avira Case-ID 99287655 VL-ID: ===== 916 Common Vulnerability Scoring System: ==================================== 1.5...
Yahoo! Blind SQL Injection could lead to data leakage
It seems that 2013 is the "Data Leakage Year"! Many customers' information and confidential data have been published on the internet coming from government institutions, famous vendors, and companies too. Ebrahim Hegazy@Zigoo0 an Egyptian information security advisor who found a high severity...
Avira License - Client Side Cross Site Scripting Vulnerability
Document Title: =============== Avira License - Client Side Cross Site Scripting Vulnerability References: =========== Article: http://www.vulnerability-lab.com/getcontent.php?id=917 Advisory: http://www.vulnerability-lab.com/getcontent.php?id=916 View: http://www.youtube.com/watch?v=nmdGSwi2FHY...