|
Advisory:
|
WordPress Plugin ‘Types 1.2.1.1’ Cross-Site Request Forgery
& Stored Cross-site scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2013-005
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on Types 1.2.1.1
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
|
CVE-ID:
|
CVE-2013-2768
|
======================
Vulnerability Description
======================
The parameter ‘skypename’ of the WordPress plugin Types 1.2.1.1 is prone to a CSRF and stored XSS vulnerability
Continue reading "SSCHADV2013-005 - WordPress Plugin 'Types 1.2.1.1' Cross-Site Request Forgery & Stored Cross-site scripting vulnerability"
|
Advisory:
|
WordPress Plugin ‘Feedweb 1.8.8’ Cross-site Scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2013-004
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on Feedweb 1.8.8
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
|
CVE-ID:
|
CVE-2013-2753
|
======================
Vulnerability Description
======================
The WordPress plugin ‘Feedweb 1.8.8’ is prone to a XSS vulnerability
Continue reading "SSCHADV2013-004 - WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability"
|
Advisory:
|
www.friendscout24.de – Cross-site Scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2012-025
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on www.friendscout24.de
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
http://www.friendscout24.de is prone to a XSS vulnerability
Continue reading "SSCHADV2012-025 - www.friendscout24.de - Cross-site Scripting vulnerability"
|
Advisory:
|
www.parship.de – Cross-site Scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2012-026
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on www.parship.de
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
http://www.parship.de is prone to a Cross-site Scripting vulnerability
Continue reading "SSCHADV2012-026 - www.parship.de - Cross-site Scripting vulnerability"
|
Advisory:
|
www.datingcafe.de – Cross-site Scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2012-027
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on www.datingcafe.de
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
http://www.datingcafe.de is prone to a Cross-site Scripting vulnerability
Continue reading "SSCHADV2012-027 - www.datingcafe.de - Cross-site Scripting vulnerability"
|
Advisory:
|
t-online.de eMail Center – Cross-Site Request Forgery & XSS vulnerabilities
|
|
Advisory ID:
|
SSCHADV2012-099
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on email.t-online.de
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
http://email.t-online.de is prone to multiple CSRF and XSS vulnerabilities
Continue reading "SSCHADV2012-099 - t-online.de eMail Center - Cross-Site Request Forgery & Cross-site Scripting vulnerabilities"