Exploit Title: OpenX Open Redirect Vulnerability
Product: OpenX
Vendor: OpenX
Vulnerable Versions: 2.8.10 and probably prior
Tested Version: 2.8.10
Advisory Publication: OCT 8, 2014
Latest Update: OCT 8, 2014
Vulnerability Type: Open Redirect [CWE-601]
CVE Reference: CVE-2014-2230
Risk Level:
New York Times nytimes.com Page Design XSS Vulnerability (Almost all
Article Pages Before 2013 are Affected)
Domain:
http://www.nytimes.com/
Vulnerability Description:
The vulnerability occurs at New York Times’s URLs. Nytimes (short for New
York Times) uses part of the URLs to construct its
Exploit Title: Newtelligence dasBlog Open Redirect Vulnerability
Product: dasBlog
Vendor: Newtelligence
Vulnerable Versions: 2.3 (2.3.9074.18820) 2.2 (2.2.8279.16125)
2.1(2.1.8102.813)
Tested Version: 2.3 (2.3.9074.18820)
Advisory Publication: OCT 15, 2014
Latest Update: OCT 15, 2014
Vulnerability
Domains:
http://lxr.mozilla.org/
http://mxr.mozilla.org/
(The two domains above are almost the same)
Websites information:
lxr.mozilla.org, mxr.mozilla.org are cross references designed to display
the Mozilla source code. The sources displayed are those that are currently
checked in to the
Bypass Google Open Redirect Filter Based on Googleads.g.doubleclick.net
http://googleads.g.doubleclick.net/
-- Google Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net
http://googleads.g.doubleclick.net/
The vulnerability exists at Logout? page with continue parameter, i.e.
CVE-2014-7290 Atlas Systems Aeon XSS (Cross-Site Scripting) Vulnerability
Exploit Title: Atlas Systems Aeon XSS Vulnerability
Product: Aeon
Vendor: Atlas Systems
Vulnerable Versions: 3.6 3.5
Tested Version: 3.6
Advisory Publication: Nov 12, 2014
Latest Update: Nov 12, 2014
Vulnerability Type:
*Exploit Title: Springshare LibCal XSS (Cross-Site Scripting) Vulnerability*
Product: LibCal
Vendor: Springshare
Vulnerable Versions: 2.0
Tested Version: 2.0
Advisory Publication: Nov 25, 2014
Latest Update: Nov 25, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference:
http://tetraph.com/security/open-redirect/cve-2014-8754-wordpress-ad-manager-plugin-dest-redirect-privilege-escalation/#respond
*CVE-2014-8754 WordPress “Ad-Manager Plugin” Dest Redirect Privilege
Escalation*
Exploit Title: WordPress Ad-Manager Plugin Dest Redirect Privilege
Escalation
*All Links in **Two Topics of Indiatimes (indiatimes.com
http://indiatimes.com/) Are Vulnerable to XSS (cross site scripting)
Attacks *
*Domain Description:*
http://www.indiatimes.com
According to the Indian Readership Survey (IRS) 2012, the Times of India
is the most widely read English
*CVE-2014-8751 goYWP WebPress Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities*
Exploit Title: goYWP WebPress Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities
Product: WebPress
Vendor: goYWP
Vulnerable Versions: 13.00.06
Tested Version: 13.00.06
Advisory
*ESPN espn.go.com http://espn.go.com/ Login Register Page XSS and Dest
Redirect Privilege Escalation Security Vulnerabilities*
*Domain:*
http://espn.go.com/
**As of August 2013, ESPN is available to approximately 97,736,000 pay
television households (85.58% of households with at least one
*CVE-2014-8752 JCE-Tech Video Niche Script XSS (Cross-Site Scripting)
Security Vulnerability*
Exploit Title: JCE-Tech Video Niche Script /view.php Multiple Parameters
XSS
Product: Video Niche Script
Vendor: JCE-Tech
Vulnerable Versions: 4.0
Tested Version: 4.0
Advisory Publication: Nov 18, 2014
*CVE-2014-8490 TennisConnect COMPONENTS System XSS (Cross-Site Scripting)
Security Vulnerability*
Exploit Title: TennisConnect TennisConnect COMPONENTS System /index.cfm
pid Parameter XSS
Product: TennisConnect COMPONENTS System
Vendor: TennisConnect
Vulnerable Versions: 9.927
Tested Version:
*Yahoo Yahoo.com Yahoo.co.jp http://Yahoo.co.jp Open Redirect Security
Vulnerabilities*
Though Yahoo lists open redirect vulnerability on its bug bounty program.
However, it seems Yahoo do not take this vulnerability seriously at all.
Multiple Open Redirect vulnerabilities were reported Yahoo.
*CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site
Scripting) Security Vulnerabilities*
Exploit Title: OptimalSite CMS /display_dialog.php image Parameter XSS
Security Vulnerability
Vendor: OptimalSite
Product: OptimalSite Content Management System (CMS)
Vulnerable
*About Group (about.com http://about.com) All Topics (At least 99.88%
links) Vulnerable to XSS Iframe Injection Security Attacks, About.com
Open Redirect Security Vulnerabilities*
*Vulnerability Description:*
About.com all topic sites are vulnerable to XSS (Cross-Site Scripting)
and Iframe
*CVE-2014-9558 SmartCMS Multiple SQL Injection Security Vulnerabilities*
Exploit Title: Smartwebsites SmartCMS v.2 Multiple SQL Injection Security
Vulnerabilities
Product: SmartCMS v.2
Vendor: Smartwebsites
Vulnerable Versions: v.2
Tested Version: v.2
Advisory Publication: Jan 22, 2015
Latest
*CVE-2014-9557 SmartCMS Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities*
Exploit Title: Smartwebsites SmartCMS v.2 Multiple XSS Security
Vulnerabilities
Product: SmartCMS v.2
Vendor: Smartwebsites
Vulnerable Versions: v.2
Tested Version: v.2
Advisory Publication: Jan 22, 2015
Latest
*CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities*
Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities
Product: Cit-e-Access
Vendor: Cit-e-Net
Vulnerable Versions: Version 6
Tested Version: Version 6
Advisory Publication: Feb
*CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security
Vulnerabilities*
Exploit Title: vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities
Product: vBulletin Forum
Vendor: vBulletin
Vulnerable Versions: 5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4
Tested Version: 5.1.3
*CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site
Scripting) Security Vulnerabilities*
Exploit Title: InstantASP InstantForum.NET Multiple XSS (Cross-Site
Scripting) Security Vulnerabilities
Product: InstantForum.NET
Vendor: InstantASP
Vulnerable Versions: v4.1.3 v4.1.1
*DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities*
Exploit Title: DLGuard Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities
Product: DLGuard
Vendor: DLGuard
Vulnerable Versions: v5 v4.6 v4.5
Tested Version: v5 v4.6
Advisory Publication: Feb 18, 2015
*DLGuard Full Path Disclosure (Information Leakage) Security
Vulnerabilities*
Exploit Title: DLGuard /index.php c parameter Full Path Disclosure Security
Vulnerabilities
Product: DLGuard
Vendor: DLGuard
Vulnerable Versions: v4.5
Tested Version: v4.5
Advisory Publication: Feb 18, 2015
Latest
DLGuard SQL Injection Security Vulnerabilities
Exploit Title: DLGuard /index.php c parameter SQL Injection Security
Vulnerabilities
Product: DLGuard
Vendor: DLGuard
Vulnerable Versions: v4.5
Tested Version: v4.5
Advisory Publication: Feb 18, 2015
Latest Update: Feb 18, 2015
Vulnerability Type:
CVE-2014-9559 SnipSnap XSS (Cross-Site Scripting) Security Vulnerabilities
Exploit Title: SnipSnap /snipsnap-search? query Parameter XSS
Product: SnipSnap
Vulnerable Versions: 0.5.2a 1.0b1 1.0b2
Tested Version: 0.5.2a 1.0b1 1.0b2
Advisory Publication: Jan 30, 2015
Latest Update: Jan 30, 2015
*CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerability*
Exploit Title: Softbb.net SoftBB /redir_last_post_list.php post Parameter
SQL Injection
Product: SoftBB (mods)
Vendor: Softbb.net
Vulnerable Versions: v0.1.3
Tested Version: v0.1.3
Advisory Publication: Jan 10, 2015
Latest
CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security
Vulnerability
Exploit Title: Softbb.net SoftBB /redir_last_post_list.php post Parameter
XSS
Product: SoftBB (mods)
Vendor: Softbb.net
Vulnerable Versions: v0.1.3
Tested Version: v0.1.3
Advisory Publication: Jan 10, 2015
*724CMS 5.01 Multiple Information Leakage Security Vulnerabilities*
Exploit Title: 724CMS Multiple Information Leakage Security Vulnerabilities
Vendor: 724CMS
Product: 724CMS
Vulnerable Versions: 3.01 4.01 4.59 5.01
Tested Version: 5.01
Advisory Publication: March 14, 2015
Latest
*Webshop hun v1.062S Information Leakage (Full Path Disclosure - FPD)
Security Vulnerabilities*
Exploit Title: Webshop hun v1.062S /index.php termid parameter Information
Leakage Security Vulnerabilities
Product: Webshop hun
Vendor: Webshop hun
Vulnerable Versions: v1.062S
Tested Version:
*WordPress Daily Edition Theme v1.6.2 Unrestricted Upload of File Security
Vulnerabilities*
Exploit Title: WordPress Daily Edition Theme v1.6.2 /thumb.php src
Parameter Unrestricted Upload of File Security Vulnerabilities
Product: WordPress Daily Edition Theme
Vendor: WooThemes
Vulnerable
*WordPress Daily Edition Theme v1.6.2 SQL Injection Security
Vulnerabilities*
Exploit Title: WordPress Daily Edition Theme v1.6.2 /fiche-disque.php id
Parameters SQL Injection Security Vulnerabilities
Product: WordPress Daily Edition Theme
Vendor: WooThemes
Vulnerable Versions: v1.6.2
Tested
*WordPress Daily Edition Theme v1.6.2 Information Leakage Security
Vulnerabilities*
Exploit Title: WordPress Daily Edition Theme /thumb.php src Parameters
Information Leakage Security Vulnerabilities
Product: WordPress Daily Edition Theme
Vendor: WooThemes
Vulnerable Versions: v1.6.* v1.5.*
*Webshop hun v1.062S XSS (Cross-site Scripting) Security Vulnerabilities*
Exploit Title: Webshop hun v1.062S /index.php Multiple Parameters XSS
Security Vulnerabilities
Product: Webshop hun
Vendor: Webshop hun
Vulnerable Versions: v1.062S
Tested Version: v1.062S
Advisory Publication: Mar 04,
*WordPress Max Banner Ads Plug-in XSS (Cross-site Scripting) Security
Vulnerabilities*
Exploit Title: Wordpress Max Banner Ads Plugin /info.php zone_id
Parameter XSS Security Vulnerabilities
Product: Wordpress Max Banner Ads Plugin
Vendor: MaxBlogPress
Vulnerable Versions: 1.9 1.8 1.4 1.3.*
*NetCat CMS Multiple Remote File Inclusion (RFI) Security Vulnerabilities*
Exploit Title: NetCat CMS Multiple Remote File Inclusion (RFI) Security
Vulnerabilities
Product: NetCat CMS (Content Management System)
Vendor: NetCat
Vulnerable Versions: 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1
*Comsenz SupeSite CMS Reflected XSS (Cross-site Scripting) Security
Vulnerabilities*
Exploit Title: Comsenz SupeSite CMS /cp.php do parameter Reflected XSS
Security Vulnerabilities
Product: SupeSite CMS (Content Management System)
Vendor: Comsenz
Vulnerable Versions: 6.0.1UC 7.0
Tested
*NetCat CMS Multiple URL Redirection (Open Redirect) Security
Vulnerabilities*
Exploit Title: NetCat CMS Multiple URL Redirection Security Vulnerabilities
Product: NetCat CMS (Content Management System)
Vendor: NetCat
Vulnerable Versions: 5.01 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1
--
Jing Wang,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing
___
Sent through the Full
=www.fusionvmTabId=0Lang=en-USOU=0ItemId=44832
https://www.bugscan.net/#!/x/21289
http://bluereader.org/article/30765596
--
Jing Wang,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com
://lists.openwall.net/full-disclosure/2015/04/15/3
--
Jing Wang,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing
: May 09, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
Writer and Reporter: Jing Wang [School of Physical
*NetCat CMS 3.12 HTML Injection Security Vulnerabilities*
Exploit Title: NetCat CMS 3.12 /catalog/search.php? q Parameter HTML
Injection Security Vulnerabilities
Product: NetCat CMS (Content Management System)
Vendor: NetCat
Vulnerable Versions: 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1
*NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities*
Exploit Title: NetCat CMS 3.12 Multiple Directory Traversal Security
Vulnerabilities
Product: NetCat CMS (Content Management System)
Vendor: NetCat
Vulnerable Versions: 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1
Tested
*ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities*
Exploit Title: ECE Projects XSS (Cross-site Scripting) Security
Vulnerabilities
Vendor: ECE Projektmanagement G.m.b.H. Co. KG (ECE)
Product: ECE Projects
Vulnerable Versions:
Tested Version:
Advisory Publication: April 01, 2015
://www.mail-archive.com/fulldisclosure%40seclists.org/msg02028.html
http://seclists.org/fulldisclosure/2015/May/34
https://www.bugscan.net/#!/x/21839
http://lists.openwall.net/full-disclosure/2015/04/05/8
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1957
--
Jing Wang,
Division
-2015030028
http://permalink.gmane.org/gmane.comp.security.oss.general/16883
http://lists.openwall.net/full-disclosure/2015/04/15/1
http://seclists.org/fulldisclosure/2015/Apr/35
--
Jing Wang,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang
/full-disclosure/2015/03/07/4
--
Jing Wang,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing
be
*Blog Details:*
http://www.tetraph.com/security/website-test/telegraph-xss/
http://securityrelated.blogspot.com/2015/10/telegraph-xss-0day.html
*(3) Vulnerability Disclosure:*
These vulnerabilities have been patched now.
--
Jing Wang,
Division of Mathematical Sciences (MAS),
Schoo
l
http://marc.info/?l=oss-security=144094021709472=4
http://lists.openwall.net/full-disclosure/2015/08/31/2
http://ithut.tumblr.com/post/128012509383/webcabinet-winmail-server-42-reflected-xss
http://seclists.org/fulldisclosure/2015/Aug/84
http://lists.openwall.net/full-disclosure/2015/08/31/2
49 matches
Mail list logo