Feb 6: SSCHADV2014-003 - Serendipity 1.7.5 (Backend) - Multiple security vulnerabilities
| Advisory: | Serendipity 1.7.5 (Backend) – Multiple security vulnerabilities |
| Advisory ID: | SSCHADV2014-003 |
| Author: | Stefan Schurtz |
| Affected Software: | Successfully tested on Serendipity 1.7.5 |
| Vendor URL: | |
| Vendor Status: | fixed |
======================
Vulnerability Description
======================
The Serendipity 1.7.5 backend is prone to multiple security vulnerabilities
Posted by Stefan Schurtz in Security Advisories | Comments: (0) | Trackbacks: (0)
Last modified on 06.02.2014 19:59
Jan 25: [Video] - ssl.bing.com - Cross-site Scripting vulnerability
Posted by Stefan Schurtz in IT-Security | Comments: (0) | Trackbacks: (0)
Last modified on 25.01.2014 13:08
Jan 25: SSCHADV2013-012 - ssl.bing.com - Cross-site Scripting vulnerability
| Advisory: | ssl.bing.com – Cross-site Scripting vulnerability |
| Advisory ID: | SSCHADV2013-012 |
| Author: | Stefan Schurtz |
| Affected Software: | Successfully tested on ssl.bing.com |
| Vendor URL: | |
| Vendor Status: | fixed |
======================
Vulnerability Description
======================
The website ‘ssl.bing.com’ is prone to a Cross-site Scripting vulnerability
Posted by Stefan Schurtz in Security Advisories | Comments: (0) | Trackback: (1)
Last modified on 25.01.2014 13:24
Jan 17: MARKPLAATS.nl Bug Bounty Program #Bounty received
Today I received my bounty for a vulnerability, which I reported for the MARKPLAATS.nl Bug Bounty Program.
And here it is … my ‘ebay classifieds whitehat’ :-)
Really nice, isn’t it :-) ?
In my opinion the MARKPLAATS.nl bug bounty program is one of the good ones, fast feedback and a nice contact, too.
By the way, the vulnerability is not fixed yet, so I will publish the advisory at a later time.
Posted by Stefan Schurtz in Bug Bounty | Comments: (0) | Trackbacks: (0)
Last modified on 10.02.2014 12:07
Jan 11: Yahoo Bug Bounty Program Vulnerability #2 Open Redirect
In Dec ’13 I reported an Open Redirect (and two other vulnerabilities, first in Nov ’13) to the Yahoo Bug Bounty Program. Sadly, I’ve got no response or feedback for any of these issues, so I wrote a new message to them (this time via email).
Last week they told me that Open Redirects are no longer in scope of the bug bounty program :-/
So here is my advisory for this issue:
Posted in Bug Bounty | Comments: (0) | Trackbacks: (0)
Last modified on 25.01.2014 12:29
Jan 8: SSCHADV2014-001 - Wordpress Plugin WP-Members Version 2.8.9 - Stored and reflected Cross-site Scripting vulnerabilities
| Advisory: | Wordpress Plugin WP-Members 2.8.9 – Multiple Cross-site Scripting vulnerabilities |
| Advisory ID: | SSCHADV2014-001 |
| Author: | Stefan Schurtz |
| Affected Software: | Successfully tested on WP-Members Version 2.8.9 |
| Vendor URL: | |
| Vendor Status: | fixed |
======================
Vulnerability Description
======================
The Wordpress plugin "WP-Members 2.8.9" is prone to reflected and stored XSS vulnerabilities
Posted by Stefan Schurtz in Security Advisories | Comments: (0) | Trackbacks: (0)
Last modified on 16.01.2014 01:33