8 matches found
USN-7279-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...
WordPress ExactMetrics Plugin < 7.14.2 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:exactmetrics:exactmetrics"; ifdescription...
Halloween News Wrap: Zombie Bugs, Hospital Deaths and Other Scary Cyberattack Stories
This Halloween week, Threatpost editors discuss the spookiest security stories, including: A wave of ransomware attacks targeting a number of hospitals, sparking worries about healthcare security and the impact on patients during COVID-19 “Zombie” vulnerabilities – including Zerologon and SMBGhos...
10 Lebanese government websites taken down by Hacktivist group
Several Lebanese ministry websites were the target of a hack attack Thursday by the group Raise Your Voice, in the second such attack on government-related portals this month. "We are RYV, short for Raise Your Voice, and we are simply a group of people who could not bare sic sitting in silence,...
Anonymous-Linked Attacks Hit US Stock Exchanges
The Websites of the NASDAQ and BATS stock exchanges as well as the Chicago Board Options Exchange CBOE were knocked offline for parts of Monday and Tuesday after coming under a sustained online attack by a group with links to Anonymous. Trading on the exchanges continued unabated on Monday and...
Hacked WordPress Blogs Used to Poison Google Image Search
A researcher has found evidence of thousands of compromised WordPress blogs that are being used to insert malicious images into Google search results. The report, from the unmaskparasites.com blog, may be evidence of the after affects of a widespread attack on WordPress blogs reported last week, ...
Dutch Arrest 16 Year Old for Wikileaks Attack
Dutch authorities issued a statement Thursday saying that a 16 year old boy has been taken into custody for involvement in attacks against the Web sites of Mastercard and Visa. The boy, who was not named, was due to be arraigned by a judge in Rotterdam on Friday. The arrest is the first known...
Absolute Poll Manager XE 4.1 - 'xlaapmview.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25492/info Absolute Poll Manager XE is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting use...