Lucene search
K

12 matches found

Atlassian
Atlassian
added 2014/07/14 3:28 a.m.21 views

Reflected XSS affecting Confluence via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/07/14 3:28 a.m.22 views

Reflected XSS affecting Confluence via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/25 11:54 p.m.18 views

Bruteforce Attack via Applinks Servlet

An attacker is able to perform bruteforce attacks via the applinks servlet. There is no captcha protection, nor do accounts get locked out after excessive attempts. The attacker can input a username, and perform bruteforce attacks on the login form. The core issue is that there is no login attemp...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/24 6:34 a.m.22 views

Reflected XSS affecting JIRA via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/24 6:34 a.m.23 views

Reflected XSS affecting JIRA via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2013/05/16 7:2 a.m.29 views

Facebook Hacking, technique to Spoof the content of any Facebook App

There are many unpatched loopholes or flaws in Facebook website, that allow hackers to inject external links or images to a wall, hijacking any facebook account or bypassing your social privacy. Today we are going to report about another unfixed facebook app vulnerability that allow a hacker to...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2013/05/02 5:27 p.m.17 views

Hacking Instagram Accounts using OAuth vulnerability

'Nir Goldshlager' known as Facebook hacker and founder of Break Security , who reported many critical bugs in Facebook OAuth mechanism in past few months, today disclose a critical vulnerability in Instagram Oauth that allow an attacker to hack any account. Succesful hack allows attacker to acces...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2013/04/17 3:49 p.m.11 views

Hacking Facebook users just from chat box using multiple vulnerabilities

Nir Goldshlager, Founder/CEO at Break Security known for finding serious flaws in Facebook once again on The Hacker News for sharing his new finding i.e Stored Cross-site Scripting XSS in Facebook Chat, Check In and Facebook Messenger. Stored Cross-site Scripting XSS is the most dangerous type of...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2013/03/12 8:37 p.m.18 views

Facebook hacking accounts using another OAuth vulnerability

Remember the last OAuth Flaw in Facebook, that allow an attacker to hijack any account without victim's interaction with any Facebook Application, was reported by white hat Hacker 'Nir Goldshlager'. After that Facebook security team fixed that issue using some minor changes. Yesterday Goldshlager...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2013/01/07 2:46 a.m.13 views

Password reset Vulnerability in Facebook Employees Secure Files Transfer service

Many be many of you are not aware about this, but Facebook having a Secure Files Transfer service for their Employees at https://files.fb.com and Hacker reported a very critical password reset vulnerability. Nir Goldshlager, a researcher told 'The Hacker News' that how he defeat Facebook's Secure...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/23 12:0 a.m.31 views

lotusquickr-xss.txt

description:Lotus Quickr, announced at Lotusphere 2007, is an evolution of Lotus QuickPlace ,The software use a weak xss filter that an attacker can bypass this xss filter. A remote user can create a specially crafted URL that, when loaded by a target user, will cause arbitrary scripting code to ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/01/24 12:0 a.m.40 views

checkpoint-bypass.txt

I. INTRODUCTION Check Point Connectra is a complete Web Security Gateway that provides SSL VPN access and comprehensive endpoint and integrated intrusion prevention Security in a single unified remote access solution. By combining both SSL VPN connectivity and security in one solution,...

7.4AI score
Exploits0
Rows per page
Query Builder