Security Advisories | Entries from Saturday, February 18. 2012

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170
Skip to content

SSCHADV2012-003 - WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability

Posted by Stefan Schurtz on Saturday, February 18. 2012

Advisory:	WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability
Advisory ID:	SSCHADV2012-003
Author:	Stefan Schurtz
Affected Software:	Successfully tested on WebsiteBaker 2.8.2 SP2
Vendor URL:	http://www.websitebaker2.org
Vendor Status:	fixed

======================
Vulnerability Description
======================

HTTP-Referer in WebsiteBaker 2.8.2 SP2 is prone to a XSS vulnerability

Continue reading "SSCHADV2012-003 - WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability"

Sidebar

Calendar

Werbung

Exploit-DB updates by Offensive Security

[webapps] Flowise 1.6.5 - Authentication Bypass

Sunday, April 21. 2024

[webapps] Laravel Framework 11 - Credential Leakage

Sunday, April 21. 2024

[webapps] SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)

Sunday, April 21. 2024

[webapps] Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution

Sunday, April 21. 2024

[webapps] FlatPress v1.3 - Remote Command Execution

Sunday, April 21. 2024

OpenBSD Journal

Game of Trees 0.98 released

Wednesday, April 24. 2024

pfctl(8) and systat(8) to display fragment reassembly statistics

Tuesday, April 23. 2024

Coming soon to a -current system near you: parallel raw IP input

Thursday, April 18. 2024

In -current, default write format for tar(1) changed to "pax"

Wednesday, April 17. 2024

OpenSMTPD 7.5.0p0 Released

Wednesday, April 10. 2024

20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09)

Tuesday, April 9. 2024

OpenBSD 7.5 released

Friday, April 5. 2024

LibreSSL 3.8.4 and 3.9.1 released

Thursday, March 28. 2024

OpenSSH 9.7/9.7p1 released!

Tuesday, March 12. 2024

Archives

Blog Administration

Open login screen

Imprint | Contact | Privacy Statement

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170