IT 计算机信息网络安全技术

IT 技术
计算机安全
网络网站安全
白帽子漏洞

© IT 计算机信息网络安全技术 | Powered by LOFTER

白帽子安全:

IT 计算机&信息网络 技术:

URFDS: Systematic discovery of Unvalidated Redirects and Forwards in web applications

Author:
Jing Wang, Hongjun Wu
School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore

Abstract:
URL redirection is necessary in web applications...

Daily Mail Online Website XSS Cyber Security Zero-Day Vulnerability



Website Description:
“The Daily Mail is a British daily middle-market tabloid newspaper owned by the Daily Mail and General Trust. First published in 1896 by Lord Northcliffe, it is the United Kingdom’s second biggest-selling daily...

白帽子计算机安全:

Daily mail Registration Page Unvalidated Redirects and Forwards & XSS Web Security Problem


Website Description:
"The Daily Mail is a British daily middle-market tabloid newspaper owned by the Daily Mail and General Trust. First published in 1896 by Lord Northcliffe,...

TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks


Website Description:
http://www.telegraph.co.uk


"The Daily Telegraph is a British daily morning English-language broadsheet newspaper, published in London by Telegraph Media Group and distributed throughout the United...

VuFind 1.0 Reflected XSS (Cross-site Scripting) Application 0-Day Web Security Bug



Exploit Title: VuFind Results? &lookfor parameter Reflected XSS Web Security Vulnerability

Product: VuFind

Vendor: VuFind

Vulnerable Versions: 1.0

Tested Version: 1.0

Advisory Publication: September 20,

白帽子计算机安全:

Web Technology:

KnowledgeTree OSS 3.0.3b Application Reflected XSS (Cross-site Scripting) Web Security 0Day Vulnerability



Exploit Title: KnowledgeTree login.php &errorMessage parameter Reflected XSS Web Security Vulnerability

Product: Knowledge Tree Document Management...

白帽子计算机安全:

IT 计算机&信息网络 技术:

Winmail Server 4.2 Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug

Exploit Title: Winmail Server badlogin.php &lid parameter Reflected XSS Web Security Vulnerability
Product: Winmail Server
Vendor: Winmail Server
Vulnerable Versions...

白帽子计算机安全:

PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web Application 0-Day Bug


Exploit Title: PhotoPost PHP __utmz Cookie Stored XSS Web Security Vulnerability

Product: PhotoPost PHP

Vendor: PhotoPost

Vulnerable Versions: 4.8c  4.8.6  4.8.5  4.8.2...

Mozilla Online Website Two Sub-Domains XSS (Cross-site Scripting) Bugs ( All URLs Under the Two Domains)



Domains:
http://lxr.mozilla.org/
http://mxr.mozilla.org/
(The two domains above are almost the same)




Websites information:
"lxr.mozilla.org, mxr.mozilla.org are cross references designed to...

All Links in Two Topics of Indiatimes (indiatimes.com) Are Vulnerable to XSS (Cross Site Scripting) Attacks



(1) Domain Description:
http://www.indiatimes.com


"The Times of India (TOI) is an Indian English-language daily newspaper. It is the third-largest newspaper in India by circulation...

1 / 12