Advisory:
|
Omniture web analytics – Open Redirection vulnerability
|
Advisory ID:
|
SSCHADV2013-003
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on paypal.112.2o7.net
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
The ‘vmh’-Parameter in Omniture web analytics is prone to a Open Redirection vulnerability
Continue reading "SSCHADV2013-003 - Omniture web analytics - Open Redirection vulnerability"
Advisory:
|
WordPress Plugin ‘AJAX Comment Page 3.25’ Cross-site scripting vulnerability
|
Advisory ID:
|
SSCHADV2013-006
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on AJAX Comment Page 3.25
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
CVE-ID:
|
Requested
|
======================
Vulnerability Description
======================
The parameter ‘max’ of the WordPress plugin ‘AJAX Comment Page’ is prone to a XSS vulnerability
Continue reading "SSCHADV2013-006 - WordPress Plugin 'AJAX Comment Page 3.25' Cross-site scripting vulnerability"
Advisory:
|
WordPress Plugin ‘Types 1.2.1.1’ Cross-Site Request Forgery
& Stored Cross-site scripting vulnerability
|
Advisory ID:
|
SSCHADV2013-005
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Types 1.2.1.1
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
CVE-ID:
|
CVE-2013-2768
|
======================
Vulnerability Description
======================
The parameter ‘skypename’ of the WordPress plugin Types 1.2.1.1 is prone to a CSRF and stored XSS vulnerability
Continue reading "SSCHADV2013-005 - WordPress Plugin 'Types 1.2.1.1' Cross-Site Request Forgery & Stored Cross-site scripting vulnerability"
Advisory:
|
WordPress Plugin ‘Feedweb 1.8.8’ Cross-site Scripting vulnerability
|
Advisory ID:
|
SSCHADV2013-004
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Feedweb 1.8.8
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
CVE-ID:
|
CVE-2013-2753
|
======================
Vulnerability Description
======================
The WordPress plugin ‘Feedweb 1.8.8’ is prone to a XSS vulnerability
Continue reading "SSCHADV2013-004 - WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability"
Advisory:
|
www.friendscout24.de – Cross-site Scripting vulnerability
|
Advisory ID:
|
SSCHADV2012-025
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on www.friendscout24.de
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
http://www.friendscout24.de is prone to a XSS vulnerability
Continue reading "SSCHADV2012-025 - www.friendscout24.de - Cross-site Scripting vulnerability"
Advisory:
|
www.parship.de – Cross-site Scripting vulnerability
|
Advisory ID:
|
SSCHADV2012-026
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on www.parship.de
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
http://www.parship.de is prone to a Cross-site Scripting vulnerability
Continue reading "SSCHADV2012-026 - www.parship.de - Cross-site Scripting vulnerability"