Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170
Skip to content

Entries tagged as cross site scripting

Related tags

SSCHADV2013-004 - WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability

Posted by Stefan Schurtz on
Advisory:
WordPress Plugin ‘Feedweb 1.8.8’ Cross-site Scripting vulnerability
Advisory ID:
SSCHADV2013-004
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Feedweb 1.8.8
Vendor URL:
Vendor Status:
fixed
CVE-ID:
CVE-2013-2753
 
======================
Vulnerability Description
======================
 

The WordPress plugin ‘Feedweb 1.8.8’ is prone to a XSS vulnerability

Continue reading "SSCHADV2013-004 - WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability"

SSCHADV2012-025 - www.friendscout24.de - Cross-site Scripting vulnerability

Posted by Stefan Schurtz on
Advisory:
www.friendscout24.de – Cross-site Scripting vulnerability
Advisory ID:
SSCHADV2012-025
Author:
Stefan Schurtz
Affected Software:
Successfully tested on www.friendscout24.de
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
http://www.friendscout24.de is prone to a XSS vulnerability
 
Continue reading "SSCHADV2012-025 - www.friendscout24.de - Cross-site Scripting vulnerability"

SSCHADV2012-026 - www.parship.de - Cross-site Scripting vulnerability

Posted by Stefan Schurtz on
Advisory:
www.parship.de – Cross-site Scripting vulnerability
Advisory ID:
SSCHADV2012-026
Author:
Stefan Schurtz
Affected Software:
Successfully tested on www.parship.de
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
http://www.parship.de is prone to a Cross-site Scripting vulnerability
 
Continue reading "SSCHADV2012-026 - www.parship.de - Cross-site Scripting vulnerability"

SSCHADV2012-027 - www.datingcafe.de - Cross-site Scripting vulnerability

Posted by Stefan Schurtz on
Advisory:
www.datingcafe.de – Cross-site Scripting vulnerability
Advisory ID:
SSCHADV2012-027
Author:
Stefan Schurtz
Affected Software:
Successfully tested on www.datingcafe.de
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
http://www.datingcafe.de is prone to a Cross-site Scripting vulnerability
 
Continue reading "SSCHADV2012-027 - www.datingcafe.de - Cross-site Scripting vulnerability"

Shame on me ;-)

Posted by Stefan Schurtz on
I totally forget to publish my Security Advisory about some Cross-Site Request Forgery & Cross-site Scripting vulnerabilities on http://t-online.de. So I published it today.
 
And here is the link to the advisory SSCHADV2012-099 and here are some pictures about the XSS by html file (1, 2), txt file (1, 2, 3) and two videos about the CSRF vulnerabilities :)
 
Continue reading "Shame on me ;-)"
Imprint | Contact | Privacy Statement

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170