-
Recent Posts
- Trying New Things: Risk and Reward – It Is Important in Internet Days (Tetraph Suggestion)
- 关于海的诗句
- CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities
- 带山的经典古文
- Youth – Beautiful Time
- CVE-2015-2563 – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities
- CVE-2015-2209 – DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities
- CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities
- CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities
- OSVDB 120807 NetCat CMS 3.12 HTML Injection Web Security Vulnerabilities
- OSVDB 119342, 119323 NetCat CMS Multiple HTTP Response Splitting (CRLF) Web Security Vulnerabilities
- 6kbbs v8.0 Weak Encryption Cryptography Security Vulnerabilities
- 熱帶雨林 – S.H.E – 青春株式會社 柔美溫和華文歌曲
- CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities
- CVE-2015-2242 – Webshop hun v1.062S SQL Injection Web Security Vulnerabilities
- CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities
- CVE-2015-2214 – NetCat CMS Full Path Disclosure (Information Disclosure) Web Security Vulnerabilities
- Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities
- Opoint Media Intelligence Unvalidated Redirects and Forwards (URL Redirection) Security Vulnerabilities
- NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities
- NetCat CMS 3.12 HTML Injection Security Vulnerabilities
- Webs ID Reflected XSS (Cross-site Scripting) Security Vulnerabilities
- Comsenz SupeSite CMS Stored XSS (Cross-site Scripting) Security Vulnerabilities
- CVE-2014-8490 TennisConnect COMPONENTS System XSS (Cross-Site Scripting) Security Vulnerability
- CVE-2014-8752 JCE-Tech “Video Niche Script” XSS (Cross-Site Scripting) Security Vulnerability
- 15條經典愛情語錄:青春的日子,愛情必不可少
- ヤフーYahoo.co.jpオープンリダイレクトセキュリティ脆弱性
- DoubleClick do Google pode ser vulnerável a ataques
- CNN出现XSS及Open Redirect安全漏洞
- CVE-2014-7290 Atlas Systems Aeon XSS (Cross-Site Scripting) Security Vulnerability
- Vigilantes testing security of IT systems
- 隱蔽重定向安全漏洞
- The Weather Channel fixes web app flaws
- Times of India website vulnerable to Cross Site Scripting (XSS) attacks
- 紐約時報所有2013年前舊文章XSS漏洞
- Times of India website vulnerable to Cross Site Scripting (XSS) attacks
- নতুন নিরাপত্তা ত্রুটি, হুমকির সম্মুখীন ফেসবুক গুগল ব্যবহারকারীরা
- 雅虎日本公开重定向安全漏洞
- Alvorlig feil i utbredt innloggingssystem
- CVE-2014-8751 goYWP WebPress Multiple XSS (Cross-Site Scripting) Security Vulnerabilities
- 描寫秋天的古詩 —— 常用古詩詞19首
- CVE-2014-8751 goYWP WebPress Multiple XSS (Cross-Site Scripting) Security Vulnerabilities
- VE-2014-8754 WordPress “Ad-Manager Plugin” Dest Redirect Privilege Escalation Security Vulnerability
- CVE-2014-7291 Springshare LibCal XSS (Cross-Site Scripting) Security Vulnerability
- CVE-2014-7291 Springshare LibCal XSS (Cross-Site Scripting) Security Vulnerability
- CVE-2014-7292 Newtelligence dasBlog Dest Redirect Privilege Escalation Security Vulnerability
- CVE-2014-7292 Newtelligence dasBlog Dest Redirect Privilege Escalation Security Vulnerability
- CVE-2014-2404 Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure
- CVE-2014-2404 Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure
- Cross-Site Scripting in Two Subdomain of Mozilla Website
Archives
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- November 2013
- August 2013
- April 2013
- February 2013
- November 2012
- October 2012
- September 2012
- April 2012
- February 2012
- October 2011
- April 2011
- November 2010
- April 2010
- February 2010
- April 2009
- February 2009
- July 2008
Categories
- 0Day
- Article
- Celebration
- Computer & Web Technology
- Computer Technology
- Computing Science
- Covert Redirect
- CRLF
- CSRF
- CVE
- CXSecurity
- Database Technology
- Directory Traversal
- DOS
- Essay
- FPD
- Happiness
- Health
- HTML Injection
- Information Leakage
- IT Technology
- Life
- Love
- Mathematics & Statistics
- Memory
- Music
- Open Redirect
- OSVDB
- Phishing
- Poem
- Privilege Escalation
- Spam
- SQL Injection
- Weak Encryption
- Web Application
- Web Application Technology
- Web Technology
- XFS
- XSS
Monthly Archives: February 2015
CVE-2014-9558 SmartCMS Multiple SQL Injection Security Vulnerability
Exploit Title: Smartwebsites SmartCMS v.2 Multiple SQL Injection Security Vulnerabilities Product: SmartCMS v.2 Vendor: Smartwebsites Vulnerable Versions: v.2 Tested Version: v.2 Advisory Publication: Jan 22, 2015 Latest Update: Jan 22, 2015 Vulnerability Type: Improper Neutralization of Special Elements used in … Continue reading
Posted in Computer & Web Technology
Tagged 0-day, application, browser, bug flaw, code programming, coding, computer, cyber-security, database, hacker, information, internet, IT, php, scripting, technology, test, web, website, white-hat
Leave a comment
VE-2014-8754 WordPress “Ad-Manager Plugin” Dest Redirect Privilege Escalation Security Vulnerability
Originally posted on INZEED Business Information & Counsel:
VE-2014-8754 WordPress “Ad-Manager Plugin” Dest Redirect Privilege Escalation Exploit Title: WordPress Ad-Manager Plugin Dest Redirect Privilege Escalation Vulnerability Product: WordPress Ad-Manager Plugin Vendor: CodeCanyon Vulnerable Versions: 1.1.2 Tested Version: 1.1.2 Advisory Publication: Nov…
Posted in Computer & Web Technology
Tagged 0day-exploit, attack-defense, bug-vulnerability, Computer Science, Computer Security, computer-engineering, crime-prevent, cve-information, cyber-intelligence, cyber-security, hacker-prevention, IEEE, Internet-information, IT-news, mas, math student, PHP Code, singapore, spms, wangjing, web-application-test, whitehat-technology
Leave a comment
About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Web Security Vulnerabilities
About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Security Vulnerabilities Vulnerability Description: About.com all “topic sites” are vulnerable to XSS (Cross-Site Scripting) and Iframe Injection (Cross Frame … Continue reading
About Group 超过 99.88% 的链接容易遭受 XSS 和 XFS 攻击
About Group 网站有一个严重的网络安全问题,它容易遭受 XSS (跨站脚本漏洞) XFS (跨Frame脚本漏洞)。这对它的近10亿月访问用户是灾难和毁灭性的。 根据漏洞研究者发布的结果和POC视频,所有About.com的话题(子域名)都可以被攻击者利用。 新加坡南洋理工大学 (NTU) 数学和物理学院 (SPMS) 数学系 (MAS) 的王晶 (Wang Jing) 发布了这个严重的安全漏洞。王晶声称在2014年10月19号,他向 About Group 做了报告,但是迄今为止一直没有收到回复。漏洞的发布时间是2015年2月2号。“到现在为止,漏洞还没有被修复” 王晶说。 与此同时,王晶披露 About.com 主页面的搜索域也容易遭受 XSS 攻击。除此之外,他还发布了一些 About.com 的公开重定向漏洞 (Open Redirect). 王说他的测试是在 Windows 8 的 IE (10.0.9200.16750) 和 Mozilla 的 Firefox … Continue reading
Posted in Computer & Web Technology, Essay
Tagged 0-day漏洞, 白帽子测试信息, 网站 Exploit, 网站攻击防护, 问答网站, 计算机网络漏洞, 计算机工程代码测试, 黑客攻击技术, IEEE 研究, IT安全技术新闻, Open Redirect, PHP-代码-bug, wangjing,About Group, XFS, XSS, 客户端攻击, 应用开发注意, 攻击防护研究
Leave a comment
CVE-2014-2452 Oracle Access Manager Webserver Plugin Subcomponent Unspecified Remote DoS Security Vulnerability
Originally posted on INZEED Business Information & Counsel:
CVE-2014-2452 Oracle Access Manager Webserver Plugin Subcomponent Unspecified Remote DoS Security Vulnerability Exploit Title: Oracle Access Manager Webserver Plugin Subcomponent Unspecified Remote DoS Security Vulnerability Product: Access Manager component in Oracle Fusion…
Posted in CVE, DOS
Tagged 0-day, Application Exploit, browser, Computer Science, Computer Security, cyber-security, Database Tech, Hacker Research, Information Security, Internet Testing, IT Security, IT Technology, PHP Code, Scripting Programming, vulnerability, Web Development, Web Flaw, Web Security, Website Bug, white-hat
Leave a comment
CVE-2015-1475 – My Little Forum Multiple XSS Web Security Vulnerabilities
CVE-2015-1475 – My Little Forum Multiple XSS Web Security Vulnerabilities Exploit Title: My Little Forum Multiple XSS Web Security Vulnerabilities Vendor: My Little Forum Product: My Little Forum Vulnerable Versions: 2.3.3 2.2 1.7 Tested Version: 2.3.3 2.2 1.7 Advisory Publication: … Continue reading
Posted in Celebration, Web Application Technology
Tagged 0-day, 1475, 2.3.3, 2015, application, attack, computer bug, crime prevention, cross-site, cve, cyber-security, exploit, forum, hacker, IT vulnerability, my little, PHP Code, problem, scripting, testing, whitehat, XSS
Leave a comment
CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Web Security Vulnerabilities
CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Web Security Vulnerabilities Exploit Title: OptimalSite CMS /display_dialog.php image Parameter XSS Web Security Vulnerability Vendor: OptimalSite Product: OptimalSite Content Management System (CMS) Vulnerable Versions: V.1 V2.4 Tested Version: V.1 V2.4 … Continue reading
Posted in IT Technology, Web Application Technology
Tagged 0day-exploit, attack-defense, bug-vulnerability, Computer Science, Computer Security, computer-engineering, crime-prevent, cve-information, cyber-intelligence, cyber-security, hacker-prevention, IEEE, Internet-information, IT-news, math student, PHP Code, wangjing, web-application-test, whitehat-technology, XSS
Leave a comment