EUVD-2014-5615

Malware in sbrugna...

YouTube channels of Taylor Swift, Justin Bieber, Harry Styles, and other musicians compromised

Some of the biggest stars around have seen content placed on their YouTube accounts without permission over the last couple of days. Taylor Swift has around 40 million subscribers. Justin Bieber? 68 million. Harry Styles, a respectable 12 million. You can even add Eminem and Michael Jackson to th...

vevo.com XSS vulnerability

Open Bug Bounty ID: OBB-707854 Description| Value ---|--- Affected Website:| vevo.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...

Paris Police Arrests Alleged Vevo Hackers

By Ionatan Paris Prosecutor’s Office announced the arrest of two 18-year-old French This is a post from HackRead.com Read the original post: Paris Police Arrests Alleged Vevo Hackers...

Vevo YouTube account hacked; popular celebs affected – Despacito video deleted

By Waqas The official YouTube account of Vevo video hosting giant has This is a post from HackRead.com Read the original post: Vevo YouTube account hacked; popular celebs affected - Despacito video deleted...

vevo.com XSS vulnerability

Vulnerable URL: http://www.vevo.com/tv?%3C/title%3E%3C/script/%27-alert%280%29-%27%22-%22--%3E%3Cimg/onerror=%22;alert%281%29;%22src=1%3E%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E\n Details: Description| Value ---|--- Patched:| No Latest check for patch:| 16.01.2018 Vulnerability type:| XSS...

A week in security (September 11 – September 17)

Last week, we dug into phishing campaigns done via Linkedin accounts, remediation versus prevention, issues with smart syringe pumps, and advised you to go patch against a Word 0day. We had some tips regarding identity theft protection, explored crowdsourced fraud, and explained YARA rules...

Vevo Music Video Service Hacked — 3.12TB of Internal Data Leaked

OurMine is in headlines once again—this time for breaching the popular video streaming service Vevo. After hunting down social media accounts of HBO and defacing WikiLeaks website, the infamous self-proclaimed group of white hat hackers OurMine have hacked Vevo and leaked about 3.12 TB worth of...

OurMine hacks video hosting service Vevo; leaks 3.12TB data online

By Waqas Vevo Becomes Victim of Targeted Data Breach OurMine Hackers This is a post from HackRead.com Read the original post: OurMine hacks video hosting service Vevo; leaks 3.12TB data online...

vevo.com XSS vulnerability

Vulnerable URL: https://www.vevo.com/tv?name=retr0...

vevo.com XSS vulnerability

Vulnerable URL: http://www.vevo.com/tv?%3C/script/%27-alert0-%27"-"-- Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 7593 VIP website status:| Yes Coordinated Disclosure Timeline:...

vevo.com XSS vulnerability

Open Bug Bounty ID: OBB-188566 Description| Value ---|--- Affected Website:| vevo.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Vevo - Watch HD Music Videos - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Vevo - Watch HD Music Videos published at the 'play' market has multiple vulnerabilities...

vevo.com XSS vulnerability

Vulnerable URL: https://www.vevo.com/tv?name=retr0alert/XSSPOSED/...

vevo.com XSS vulnerability

Vulnerable URL: http://www.vevo.com/tv?%3C/title%3E%3C/script/%27-alert%280%29-%27%22-%22--%3E%3Cimg/onerror=%22;alert%281%29;%22src=1%3E%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 31.05.2016 Latest check for patch:| 31.05.2016 22:39 GMT...

vevo.com XSS vulnerability

Vulnerable URL: http://www.vevo.com/search?q=%3C/title%3E%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 5117 Google Pagerank| 7 VIP website status:| Yes Check vevo.c...

CVE-2014-5728

The Vevo - Watch HD Music Videos aka com.vevo application 2.0.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The Vevo - Watch HD Music Videos aka com.vevo application 2.0.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5728

The CVE-2014-5728 entry concerns Vevo - Watch HD Music Videos (com.vevo) for Android (version 2.0.27). The affected component is the SSL/TLS certificate validation logic: the application does not verify X.509 certificates from SSL servers. This misimplementation enables man-in-the-middle attacker...

CVE-2014-5728

The Vevo - Watch HD Music Videos aka com.vevo application 2.0.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...