I found the PHPWind v6.0 just filter the xss code when the visitors login in,
but it doesnt do it when login off.
An attacker may leverage this issue to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site.
This flaw makes its all the
=
Yaniv Miron aka Lament Advisory March 12, 2010
IBM Lotus 6.x HTTP Response Splitting Vulnerability
=
=
I. BACKGROUND
=
IBM Lotus Software delivers robust
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2018-1 secur...@debian.org
http://www.debian.org/security/ Raphael Geissert
March 18, 2010
===
Ubuntu Security Notice USN-915-1 March 18, 2010
thunderbird vulnerabilities
CVE-2009-0689, CVE-2009-2463, CVE-2009-3072, CVE-2009-3075,
CVE-2009-3077, CVE-2009-3376, CVE-2009-3983, CVE-2010-0163
Program : Httpdx v1.5.3b
PoC : Remote Crash Service (if http.log=1)
Homepage : http://sourceforge.net/projects/httpdx/
Found by : Jonathan Salwan
This Advisory: Jonathan Salwan
Contact : j.sal...@sysdream.com
//- Application description
Hi folks,
I am happy to announce the availability of skipfish - our open-source,
fully automated, active web application scanner. There are several
things that probably make it interesting:
1) High speed: pure C code, highly optimized HTTP handling, minimal
CPU footprint - easily achieving 2000