Skip to content

SSCHADV2013-002 - heise.de - Cross-site Scripting vulnerability

Advisory:
heise.de – Cross-site Scripting vulnerability
Advisory ID:
SSCHADV2013-002
Author:
Stefan Schurtz
Affected Software:
Successfully tested on heise.de
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
http://www.heise.de is prone to a XSS vulnerability
 
Continue reading "SSCHADV2013-002 - heise.de - Cross-site Scripting vulnerability"

SSCHADV2013-001 - Websitebaker Add-on 'Concert Calendar 2.1.4' XSS & SQLi vulnerability

Advisory:
Websitebaker Add-on ‘Concert Calendar 2.1.4’ XSS & SQLi vulnerability
Advisory ID:
SSCHADV2013-001
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Concert Calendar 2.1.4
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
Websitebaker Add-on ‘Concert Calendar 2.1.4’ is prone to a XSS and SQLi vulnerability
 
Continue reading "SSCHADV2013-001 - Websitebaker Add-on 'Concert Calendar 2.1.4' XSS & SQLi vulnerability"

SSCHADV2012-023 - Hero Framework 3.76 Cross-site Scripting vulnerability

Advisory:
Hero Framework 3.76 Multiple Cross-site Scripting vulnerabilities
Advisory ID:
SSCHADV2012-023
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Hero Framework 3.76
Vendor URL:
Vendor Status:
informed
 
======================
Vulnerability Description
======================
 
Hero Framework 3.76 is prone to multiple Cross-Site Scripting vulnerabilities
 
Continue reading "SSCHADV2012-023 - Hero Framework 3.76 Cross-site Scripting vulnerability"

My new article on heise Security

Here is my newest article, published on heise Security.
 
This time it’s about the Web-Security tool "CSRFTester" from The Open Web Application Security Project (OWASP). It’s a short overview how to use the CSRFTester to identify "Cross Site Request Forgery" vulnerabilites in web applications.
 
Here is the link to the article: http://heise.de/-1735223
 
Enjoy yourself!

SSCHADV2012-022 - Piwigo 2.4.3 Cross-Site Scripting vulnerability

Advisory:
Piwigo 2.4.3 Cross-Site Scripting vulnerability
Advisory ID:
SSCHADV2012-022
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Piwigo 2.4.3
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
Piwigo 2.4.3 is prone to a Cross-Site Scripting vulnerability
 
Continue reading "SSCHADV2012-022 - Piwigo 2.4.3 Cross-Site Scripting vulnerability"

SSCHADV2012-021 - Zen cart v1.5.0 & v1.51 Cross-Site Scripting vulnerability

Advisory:
Zen cart v1.5.0 & v1.51 Cross-Site Scripting vulnerability
Advisory ID:
SSCHADV2012-021
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Zen-cart-v150-12302011
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
Zen cart v1.5.0 & v1.51 are prone to a Cross-Site Scripting vulnerability
 
Continue reading "SSCHADV2012-021 - Zen cart v1.5.0 & v1.51 Cross-Site Scripting vulnerability"
Imprint | Contact | Privacy Statement