7687 matches found
aces.shu.ac.uk XSS vulnerability
Vulnerable URL: http://aces.shu.ac.uk/employability/index.php?k=15%22%3E%3Csvg/onload=confirm%28/xssposed/%29%3E
Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 26.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | Unknown / Not...
yorkshire.com XSS vulnerability
Vulnerable URL: http://www.yorkshire.com/whats-on?date=20/01/2016=cool%22/onmouseover=confirm%28%27xssposed%27%29%20x==10
Details:

Description | Value
---|---
Patched: | Yes, at 22.02.2016
Latest check for patch: | 22.02.2016 01:40 GMT
Vulnerability type: | XSS
Vulnerability status: | Publicly disclos...
cruiselinesjobs.com Open Redirect vulnerability
Vulnerable URL: http://www.cruiselinesjobs.com/redirect.php?url=http://www.xssposed.org
Details:

Description | Value
---|---
Patched: | Yes, at
Vulnerability type: | Open Redirect
Vulnerability status: | Publicly disclosed
Alexa Rank | 359558
Google Pagerank | 0
VIP website status: | No
Check...
claroleague.co.uk XSS vulnerability
Vulnerable URL: http://claroleague.co.uk/ajax/getNextGameSmall.asp?teamname=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E
Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 26.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | Unknown / N...
rpi-ekhn.de Open Redirect vulnerability
Vulnerable URL: http://www.rpi-ekhn.de/mail2date/ServiceCenter/redirect.php?url=https://xssposed.org/
Details:

Description | Value
---|---
Patched: | Yes, at 26.07.2017
Latest check for patch: | 26.07.2017 12:37 GMT
Vulnerability type: | Open Redirect
Vulnerability status: | Publicly disclosed
Alexa...
vistaprint.nl Open Redirect vulnerability
Vulnerable URL: http://www.vistaprint.nl/add-coupon.aspx?redirect=https://www.xssposed.org/
Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 30.07.2017
Vulnerability type: | Open Redirect
Vulnerability status: | Publicly disclosed
Alexa Rank | 75425
Google Pagerank | 0
VIP...
CVE-2015-8400
The HTTPS fallback implementation in Shell In A Box aka shellinabox before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL...
Hardcoded credentials
The HTTPS fallback implementation in Shell In A Box aka shellinabox before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL...
CVE-2015-8400
Shell In A Box (shellinabox) prior to version 2.19 contains an HTTPS fallback mechanism that allows DNS rebinding attacks via the /plain URL. The vulnerability is triggered when the client can revert HTTPS requests to HTTP, enabling remote attackers to exploit DNS rebinding. Public references in ...
Mozilla Warns of SHA-1 Deprecation Side Effects
As promised, Mozilla officially began rejecting new SHA-1 certificates as of the first of the year. And as promised, there have been some usability issues. Mozilla yesterday said that some security scanners and antivirus products are keeping some from reaching HTTPS websites. “When a user tries t...
ownCloud: Mixed Active Scripting Issue on stats.owncloud.org
I have come across an HTTPS security issue: it compromises HTTPS security by loading images from a non-secure source in stats.owncloud.org. Vulnerability Type: Mixed Active Scripting Issue. Description: Mixed Active Content is content that has access to and can affect all or parts of the Document...
dual.by Open Redirect vulnerability
Vulnerable URL: http://dual.by/include/clickcounter.php?url=https://www.xssposed.org/
Details:

Description | Value
---|---
Patched: | Yes, at 26.07.2017
Latest check for patch: | 26.07.2017 11:54 GMT
Vulnerability type: | Open Redirect
Vulnerability status: | Publicly disclosed
Alexa Rank | Unknown / N...
clashforce.com Open Redirect vulnerability
Vulnerable URL: http://www.clashforce.com/?action=outboundclick;url=https://www.xssposed.org/
Details:

Description | Value
---|---
Patched: | Yes, at 23.11.2017
Latest check for patch: | 23.11.2017 20:11 GMT
Vulnerability type: | Open Redirect
Vulnerability status: | Publicly disclosed
Alexa Rank | ...
CVE-2015-7410
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors...
Design/Logic Flaw
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors...
CVE-2015-7410
IBM CVE-2015-7410 affects IBM Sterling B2B Integrator 5.2 (Health Check tool). The vulnerability is due to cookies not being properly handled with HTTPS sessions, enabling cookie hijacking via MITM-type scenarios. Affected product/version: IBM Sterling B2B Integrator 5.2. Remediation/fix: apply t...