
5006 matches found

The Hacker News
added 2015/03/21 6:38 p.m., 11 views

Chrome, Firefox, Safari and IE – All Browsers Hacked at Pwn2Own Competition

The Annual Pwn2Own Hacking Competition 2015 held in Vancouver is over and participants from all over the world nabbed $557,500 in bug bounties for 21 critical bugs in top four web browsers as well as Windows OS, Adobe Reader and Adobe Flash. During the second and final day of this year’s hacking...

AI score: 7.4, Exploits: 0

Snyk
added 2015/03/17 9:26 a.m., 2 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The $http service allows JSONP requests with untrusted URLs, which could be exploited by an attacker. Details: Cross-site scripting (or XSS) is a code vulnerability that occurs when an attacker “injects” a malicio...

CVSS: 6.5, AI score: 5.4, Exploits: 0, References: 2

phpMyAdmin
added 2015/03/04 12:0 a.m., 57 views

Risk of BREACH attack due to reflected parameter.

PMASA-2015-1. Announcement-ID: PMASA-2015-1. Date: 2015-03-04. Summary: Risk of BREACH attack due to reflected parameter. Description: With a large number of crafted requests it was possible to infer the CSRF token by a BREACH attack. Severity: We consider this vulnerability to be non critical...

CVSS: 5, AI score: 7.2, EPSS: 0.00916, Exploits: 0, Affected Software: 1

FreeBSD
added 2015/03/04 12:0 a.m., 39 views

phpMyAdmin -- Risk of BREACH attack due to reflected parameter

The phpMyAdmin development team reports: Risk of BREACH attack due to reflected parameter. With a large number of crafted requests it was possible to infer the CSRF token by a BREACH attack. Mitigation factor: this vulnerability can only be exploited in the presence of another vulnerability that...

CVSS: 5, AI score: 6.3, EPSS: 0.00916, Exploits: 0, References: 1

Hacker One
added 2015/02/09 6:23 p.m., 12 views

InVision: Javascript Injection

In this webpage: █████████, the URL that is being loaded is listed as a meta property: html The problem is that when additional text is appended to the end of the URL, like this html , it is displayed as part of the HTML. By adding a quotation mark and closing the metaproperty tag like so: html "...

AI score: 6.2, Exploits: 0

Hacker One
added 2015/01/18 10:18 a.m., 36 views

Vimeo: Application XSS filter function Bypass may allow Multiple stored XSS

Hi, As I analysed the application behavior and the security structure, I found out that the application is using "Greedy XSS Regex filter" against XSS and removes any the whole string from ''. So I tried some basic bypass which allowed me to insert tags and other characters into the string. Here ...

AI score: 5.8, Exploits: 0

Hacker One
added 2015/01/05 7:13 p.m., 20 views

Vimeo: Vimeo.com - reflected xss vulnerability

Hi. I want to report a Reflected xss vulnerability that I found in www.vimeo.com website and which can affect the safety of your users. This vulnerability allows an attacker to inject in web pages javascript content for sending malicious scripts to an unsuspecting user. This flaw can access any...

AI score: 6.6, Exploits: 0

Packet Storm
added 2014/12/22 12:0 a.m., 86 views

eBay.com ocsnext CSS Injection

Exploit Title: eBay.com ocsnext sub-domain Reflected CSS injection Date: 20/12/2014 Author: Yann CAM @ Synetis - ASafety Vendor or Software Link: www.ebay.com Version: / Category: Reflected CSS injection Google dork: Tested on: eBay.com ocsnext sub-domain Adobe description :...

AI score: 7.4, Exploits: 0

securityvulns
added 2014/10/16 12:0 a.m., 75 views

SEC Consult SA-20141015-0 :: Potential Cross-Site Scripting in ADF Faces

SEC Consult Vulnerability Lab Security Advisory 20141015-0. title: Potential Cross-Site Scripting, product: ADF Faces, vulnerable version: 12.1.2.0, fixed version: versions with CPU...

Exploits: 0

OSV
added 2014/10/07 9:22 a.m., 4 views

MGASA-2014-0400 Updated mediawiki packages fix security vulnerabilities

Updated mediawiki packages fix security vulnerability: MediaWiki before 1.23.4 is vulnerable to cross-site scripting due to JavaScript injection via CSS in uploaded SVG files (CVE-2014-7199). MediaWiki before 1.23.5 is vulnerable to cross-site scripting due to JavaScript injection via user-specific...

CVSS: 4.3, AI score: 6, EPSS: 0.00311, Exploits: 0, References: 6

securityvulns
added 2014/10/05 12:0 a.m., 63 views

CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway

Vulnerability Title: DoS in ZyXEL SBG-3300 Security Gateway Date: 02/10/2014 CVE-ID: CVE-2014-7278 Product: ZyXEL SBG3300-N series Vendor: www.zyxel.com Affected Firmware: Latest version at the time of disclosure V1.00AADY.4C0 and below tested Patch: Unpatched Authored by: Mirko Casadei Disclosur...

CVSS: 5, AI score: 2.2, EPSS: 0.00687, Exploits: 5

Packet Storm
added 2014/10/03 12:0 a.m., 31 views

ZyXEL SBG-3300 Security Gateway Denial Of Service

Vulnerability Title: DoS in ZyXEL SBG-3300 Security Gateway Date: 02/10/2014 CVE-ID: CVE-2014-7278 Product: ZyXEL SBG3300-N series Vendor: www.zyxel.com Affected Firmware: Latest version at the time of disclosure V1.00AADY.4C0 and below tested Patch: Unpatched Authored by: Mirko Casadei Disclosur...

CVSS: 5, EPSS: 0.00687, Exploits: 5

Patchstack
added 2014/09/23 12:0 a.m., 18 views

WordPress EWWW Image Optimizer Cloud Plugin <= 2.0.1 - XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution: Update the plugin...

AI score: 2, Exploits: 0, Affected Software: 1

exploitpack
added 2014/09/07 12:0 a.m., 8 views

PhpOnlineChat 3.0 - Cross-Site Scripting

PhpOnlineChat 3.0 - Cross-Site Scripting Exploit Title: phponlinechat xss Date: 5/9/2014 Exploit Author: N0 Feel Vendor Homepage: http://phponlinechat.com/phpchat Software Link: http://phponlinechat.com/chat-free-download.php Version: 3.0 Tested on: win7 php online chat suffer from xss in user...

AI score: 6.8, Exploits: 0

Metasploit
added 2014/08/27 4:5 a.m., 49 views

Firefox WebIDL Privileged Javascript Injection

This exploit gains remote code execution on Firefox 22-27 by abusing two separate privilege escalation vulnerabilities in Firefox's Javascript APIs. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require...

CVSS: 9.8, AI score: 8.3, EPSS: 0.71088, Exploits: 6

0day.today
added 2014/08/18 12:0 a.m., 56 views

Firefox toString console.time Privileged Javascript Injection Exploit

This Metasploit module gains remote code execution on Firefox 15-22 by abusing two separate Javascript-related vulnerabilities to ultimately inject malicious Javascript code into a context running with chrome:// privileges. This module requires Metasploit: http//metasploit.com/download Current...

CVSS: 10, AI score: 0.8, EPSS: 0.76472, Exploits: 13

Patchstack
added 2014/08/01 12:0 a.m., 7 views

WordPress ClickDesk Plugin <= 3.8.1 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution: Update the plugin...

AI score: 2.1, Exploits: 0, References: 2, Affected Software: 1

seebug.org
added 2014/07/01 12:0 a.m., 47 views

Movable Type Pro 5.13en Stored XSS Vulnerability

No description provided by source. Source URL: http://www.cloudscan.me/2012/10/cve-2012-1503-movable-type-pro-513en.html Keywords: CVE-2012-1503, Movable Type Pro 5.13en, Stored XSS, JavaScript Injection, Vendor Unresponsive, Full Disclosure...

CVSS: 4.3, AI score: 6.7, EPSS: 0.0686, Exploits: 6

seebug.org
added 2014/07/01 12:0 a.m., 17 views

XT:Commerce < 3.04 SP2.1 XSS Vulnerability

No description provided by source. Cross-Site-Scripting XT:Commerce 3.04 SP2.1. Affected Software: XT:Commerce 3.04 SP2.1 Vendor...

AI score: 7.1, Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 26 views

Palm Pre WebOS <= 1.1 - Remote File Access Vulnerability

No description provided by source. I. Description: The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+. Palm...

AI score: 7.1, Exploits: 0