Monthly Archives: January 2015

Alibaba Taobao, AliExpress, Tmall, Online Electronic Shopping Website XSS & Open Redirect Security Vulnerabilities

Alibaba Taobao, AliExpress, Tmall, Online Electronic Shopping Website XSS & Open Redirect Security Vulnerabilities Domains Basics: Alibaba Taobao, AliExpress, Tmall are the top three online shopping websites belonging to Alibaba. Vulnerability Discover: Jing Wang, Division of Mathematical Sciences (MAS), School … Continue reading

Posted in IT Technology, Open Redirect, Spam, XSS | Tagged , , , , , , , , , , , , , , , , | Leave a comment

Facebook Old Generated URLs Still Vulnerable to Open Redirect Attacks & A New Open Redirect Web Security Bugs

Facebook Old Generated URLs Still Vulnerable to Open Redirect Attacks & A New Open Redirect Web Security Bugs Domain: http://www.facebook.com “Facebook is an online social networking service headquartered in Menlo Park, California. Its website was launched on February 4, 2004, … Continue reading

Posted in Computing Science, Open Redirect, Phishing | Tagged , , , , , , , , , , , , | Leave a comment

CVE-2014-8489 Ping Identity Corporation “PingFederate 6.10.1 SP Endpoints” Dest Redirect Privilege Escalation Security Vulnerability

Originally posted on INZEED Business Information & Counsel:
CVE-2014-8489 Ping Identity Corporation “PingFederate 6.10.1 SP Endpoints” Dest Redirect Privilege Escalation Security Vulnerability Exploit Title: “Ping Identity Corporation” “PingFederate 6.10.1 SP Endpoints” Dest Redirect Privilege Escalation Security Vulnerability Product: PingFederate 6.10.1…

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability

CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability Exploit Title: Softbb.net SoftBB /redir_last_post_list.php post Parameter XSS Product: SoftBB (mods) Vendor: Softbb.net Vulnerable Versions: v0.1.3 Tested Version: v0.1.3 Advisory Publication: Jan 10, 2015 Latest Update: Jan 10, 2015 Vulnerability Type: Cross-Site Scripting … Continue reading

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Yahoo and Yahoo Japan May be Vulnerable to Spams

Yahoo and Yahoo Japan May be Vulnerable to Spams Student security researcher Wang Jing from School of Physical and Mathematical Science at Nanyang Technological University, Singapore, has found new security vulnerabilities related to Yahoo. After reporting several Open Redirect vulnerabilities to Yahoo. Yahoo’s … Continue reading

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

CVE-2014-9557 SMARTCMS MULTIPLE XSS (CROSS-SITE SCRIPTING) SECURITY VULNERABILITY

Exploit Title: Smartwebsites SmartCMS v.2 Multiple XSS Security Vulnerabilities Product: SmartCMS v.2 Vendor: Smartwebsites Vulnerable Versions: v.2 Tested Version: v.2 Advisory Publication: Jan 22, 2015 Latest Update: Jan 22, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-9557 CVSS Severity … Continue reading

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site Scripting) Security Vulnerabilities

Originally posted on Web Technology Wire:
Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site Scripting) Security Vulnerabilities Exploit Title: Vastal I-tech phpVID Multiple XSS Security Vulnerabilities Product: phpVID Vendor: Vastal I-tech Vulnerable Versions: 1.2.3 0.9.9 Tested Version: 1.2.3 0.9.9 Advisory Publication:…

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment