6 matches found
Websites that Collect Your Data as You Type
A surprising number of websites include JavaScript keyloggers that collect everything you type as you type it, not just when you submit a form. Researchers from KU Leuven, Radboud University, and University of Lausanne crawled and analyzed the top 100,000 websites, looking at scenarios in which a...
CouchCMS 1.4.5 Cross Site Scripting / Open Redirect
Security Advisory - Curesec Research Team 1. Introduction Affected Product: CouchCMS 1.4.5 Fixed in: 1.4.7 Fixed Version Link: http://www.couchcms.com/products/ Vendor Website: http://www.couchcms.com/ Vulnerability Type: XSS & Open Redirect Remote Exploitable: Yes Reported to vendor: 11/17/2015...
CodoForum 3.4 Cross Site Scripting Vulnerability
CodoForum version 3.4 suffers from a cross site scripting vulnerability. CodoForum 3.4 Cross Site Scripting Vulnerability 1. Introduction Affected Product: CodoForum 3.4 Fixed in: not fixed Release mode: Full Disclosure CVE: Requested, but not assigned Credits Tim Coen of Curesec GmbH 2...
Thelia 2.2.1 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Thelia 2.2.1 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/29/2015 Disclosed to public: 11/13/2015 Release mode: Full...
TheHostingTool 1.2.6 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: TheHostingTool 1.2.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: https://thehostingtool.com/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/07/2015 Disclosed to public: 10/07/2015...
MiniBB 3.1.1 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: MiniBB 3.1.1 Fixed in: 3.2 Fixed Version Link: http://www.minibb.com/download.php?file=minibb Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to...