Tag Archives: JingWang

CVE-2015-2563 – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities

CVE-2015-2563 – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities   CVE-2015-2563 – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities   Exploit Title: CVE-2015-2563 Vastal I-tech phpVID /groups.php Multiple Parameters SQL Injection Web Security Vulnerabilities Product: phpVID … Continue reading

Posted in Article, Computer Technology, Database Technology, Web Application Technology | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

CVE-2015-2209 – DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities

    CVE-2015-2209 – DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities Exploit Title: DLGuard “/index.php?” “&c” parameter Full Path Disclosure Web Security Vulnerabilities Product: DLGuard Vendor: DLGuard Vulnerable Versions: v4.5 Tested Version: v4.5 Advisory Publication: January 18, 2015 … Continue reading

Posted in CVE, FPD, Information Leakage | Tagged , , , , , , , , , , , , , , , , , | Leave a comment

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities Exploit Title: CVE-2015-2349 – SuperWebMailer /defaultnewsletter.php” HTMLForm Parameter XSS Web Security Vulnerabilities Product: SuperWebMailer Vendor: SuperWebMailer Vulnerable Versions: 5.*.0.* 4.*.0.* Tested Version: 5.*.0.* 4.*.0.* Advisory Publication: March 11, 2015 Latest … Continue reading

Posted in Computer & Web Technology, IT Technology, Web Application Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

CVE-2015-2066 – DLGuard SQL Injection Web Security Vulnerabilities

  CVE-2015-2066 – DLGuard SQL Injection Web Security Vulnerabilities Exploit Title: CVE-2015-2066 DLGuard /index.php c parameter SQL Injection Web Security Vulnerabilities Product: DLGuard Vendor: DLGuard Vulnerable Versions: v4.5 Tested Version: v4.5 Advisory Publication: February 18, 2015 Latest Update: May 01, … Continue reading

Posted in CVE, Database Technology, SQL Injection | Tagged , , , , , , , , , , , , , , , , , , | Leave a comment

Yahoo and Yahoo Japan May be Vulnerable to Spams

Yahoo and Yahoo Japan May be Vulnerable to Spams Student security researcher Wang Jing from School of Physical and Mathematical Science at Nanyang Technological University, Singapore, has found new security vulnerabilities related to Yahoo. After reporting several Open Redirect vulnerabilities to Yahoo. Yahoo’s … Continue reading

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

76.3% WEATHER CHANNEL WEBSITE LINKS VULNERABLE TO REFLECTED CROSS-SITE SCRIPTING (XSS)

  Popular Weather Channel web site (Weather.com) has been found to be vulnerable to a reflected Cross-Site Scripting flaw, according to security researcher Wang Jing’s research. The vulnerability lies in that Weather.com does not filter malicious script codes when constructing … Continue reading

Posted in Article, Life, Web Technology | Tagged , , , , , , , , , , , , | Leave a comment

XSS κίνδυνοι εντοπίστηκαν σε συνδέσμους στο New York Times σε άρθρα πριν το 2013

Originally posted on INZEED Business Information & Counsel:
Οι διευθύνσεις URL σε άρθρα στους New York Times (NYT) που δημοσιεύτηκαν πριν από το 2013 έχουν βρεθεί να είναι ευάλωτες σε XSS (cross-site scripting) επίθεση, ικανή να μεταφέρει κώδικα που θα…

Posted in Computer & Web Technology, Web Application Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment