Skip to content

SSCHADV2013-007 - Ligatus Advertising - DOM Based Cross-site Scripting vulnerability

Advisory:
Ligatus Advertising – DOM Based Cross-site Scripting vulnerability
Advisory ID:
SSCHADV2013-007
Author:
Stefan Schurtz
Affected Software:
Successfully tested on a.ligatus.com
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
The ‘et’-Parameter in Ligatus Advertising is prone to a DOM Based XSS vulnerability.
 
Continue reading "SSCHADV2013-007 - Ligatus Advertising - DOM Based Cross-site Scripting vulnerability"

SSCHADV2013-008 - www.netcraft.com - Search Form Cross-site Scripting vulnerability

Advisory:
www.netcraft.com – Search Form Cross-site Scripting vulnerability
Advisory ID:
SSCHADV2013-008
Author:
Stefan Schurtz
Affected Software:
Successfully tested on www.netcraft.com
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
The ‘q’-Parameter in the Search Form on www.netcraft.com is prone to a XSS vulnerability
 
Continue reading "SSCHADV2013-008 - www.netcraft.com - Search Form Cross-site Scripting vulnerability"

SSCHADV2013-003 - Omniture web analytics - Open Redirection vulnerability

Advisory:
Omniture web analytics – Open Redirection vulnerability
Advisory ID:
SSCHADV2013-003
Author:
Stefan Schurtz
Affected Software:
Successfully tested on paypal.112.2o7.net
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
The ‘vmh’-Parameter in Omniture web analytics is prone to a Open Redirection vulnerability
 
Continue reading "SSCHADV2013-003 - Omniture web analytics - Open Redirection vulnerability"
Imprint | Contact | Privacy Statement