Pornhub: SSRF and local file disclosure by video upload on https://www.tube8.com/

The researcher was successful in exploiting a vulnerability in 3rd party encoding library resulting in the execution of SSRF attacks and Local File Disclosure...

Pornhub: Blind SQL injection in Hall of Fap

Summary: There is a blind SQL injection vulnerability in GET parameter topsort in page https://www.tube8.fr/ajax-hof/. Description: SQL functions can be injected into the SQL query. Using the sleep function, which makes the database sleep, we can notice the injection. PoC The following request wi...

tube8.es XSS vulnerability

Vulnerable URL: http://www.tube8.es/porntags/y9o5z"jve1f/?page== Details: Description| Value ---|--- Patched:| Yes, at 24.03.2017 Latest check for patch:| 24.03.2017 04:57 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 125468 VIP website status:| No Check...

Unfixed XSS vulnerability at www.tube8.com

Security researcher Viper.aT, has submitted on 28/03/2008 a cross-site-scripting XSS vulnerability affecting www.tube8.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/04/2008. It is currently...