darksecurity.de | Entries tagged as security

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170
Skip to content

Entries tagged as security

SSCHADV2013-003 - Omniture web analytics - Open Redirection vulnerability

Posted by Stefan Schurtz on Thursday, May 2. 2013

Advisory:	Omniture web analytics – Open Redirection vulnerability
Advisory ID:	SSCHADV2013-003
Author:	Stefan Schurtz
Affected Software:	Successfully tested on paypal.112.2o7.net
Vendor URL:	http://www.omniture.com/
Vendor Status:	fixed

======================
Vulnerability Description
======================

The ‘vmh’-Parameter in Omniture web analytics is prone to a Open Redirection vulnerability

Continue reading "SSCHADV2013-003 - Omniture web analytics - Open Redirection vulnerability"

SSCHADV2013-006 - WordPress Plugin 'AJAX Comment Page 3.25' Cross-site scripting vulnerability

Posted by Stefan Schurtz on Saturday, April 6. 2013

^Advisory:	WordPress Plugin ‘AJAX Comment Page 3.25’ Cross-site scripting vulnerability
Advisory ID:	SSCHADV2013-006
Author:	Stefan Schurtz
Affected Software:	Successfully tested on AJAX Comment Page 3.25
Vendor URL:	http://mr.hokya.com/ajax-comment-page/
Vendor Status:	fixed
CVE-ID:	Requested

======================
Vulnerability Description
======================

The parameter ‘max’ of the WordPress plugin ‘AJAX Comment Page’ is prone to a XSS vulnerability

Continue reading "SSCHADV2013-006 - WordPress Plugin 'AJAX Comment Page 3.25' Cross-site scripting vulnerability"

SSCHADV2013-005 - WordPress Plugin 'Types 1.2.1.1' Cross-Site Request Forgery & Stored Cross-site scripting vulnerability

Posted by Stefan Schurtz on Saturday, April 6. 2013

^Advisory:	WordPress Plugin ‘Types 1.2.1.1’ Cross-Site Request Forgery & Stored Cross-site scripting vulnerability
Advisory ID:	SSCHADV2013-005
Author:	Stefan Schurtz
Affected Software:	Successfully tested on Types 1.2.1.1
Vendor URL:	http://wordpress.org/extend/plugins/types/
Vendor Status:	fixed
CVE-ID:	CVE-2013-2768

======================
Vulnerability Description
======================

The parameter ‘skypename’ of the WordPress plugin Types 1.2.1.1 is prone to a CSRF and stored XSS vulnerability

Continue reading "SSCHADV2013-005 - WordPress Plugin 'Types 1.2.1.1' Cross-Site Request Forgery & Stored Cross-site scripting vulnerability"

SSCHADV2013-004 - WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability

Posted by Stefan Schurtz on Tuesday, April 2. 2013

Advisory:	WordPress Plugin ‘Feedweb 1.8.8’ Cross-site Scripting vulnerability
Advisory ID:	SSCHADV2013-004
Author:	Stefan Schurtz
Affected Software:	Successfully tested on Feedweb 1.8.8
Vendor URL:	http://wordpress.org/extend/plugins/feedweb/
Vendor Status:	fixed
CVE-ID:	CVE-2013-2753

======================
Vulnerability Description
======================

The WordPress plugin ‘Feedweb 1.8.8’ is prone to a XSS vulnerability

Continue reading "SSCHADV2013-004 - WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability"

SSCHADV2012-025 - www.friendscout24.de - Cross-site Scripting vulnerability

Posted by Stefan Schurtz on Wednesday, February 13. 2013

Advisory:	www.friendscout24.de – Cross-site Scripting vulnerability
Advisory ID:	SSCHADV2012-025
Author:	Stefan Schurtz
Affected Software:	Successfully tested on www.friendscout24.de
Vendor URL:	http://www.friendscout24.de
Vendor Status:	fixed

======================
Vulnerability Description
======================

http://www.friendscout24.de is prone to a XSS vulnerability

Continue reading "SSCHADV2012-025 - www.friendscout24.de - Cross-site Scripting vulnerability"

SSCHADV2012-026 - www.parship.de - Cross-site Scripting vulnerability

Posted by Stefan Schurtz on Tuesday, February 5. 2013

Advisory:	www.parship.de – Cross-site Scripting vulnerability
Advisory ID:	SSCHADV2012-026
Author:	Stefan Schurtz
Affected Software:	Successfully tested on www.parship.de
Vendor URL:	http://www.parship.de
Vendor Status:	fixed

======================
Vulnerability Description
======================

http://www.parship.de is prone to a Cross-site Scripting vulnerability

Continue reading "SSCHADV2012-026 - www.parship.de - Cross-site Scripting vulnerability"

Sidebar

Calendar

Werbung

Exploit-DB updates by Offensive Security

[webapps] Flowise 1.6.5 - Authentication Bypass

Sunday, April 21. 2024

[webapps] Laravel Framework 11 - Credential Leakage

Sunday, April 21. 2024

[webapps] SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)

Sunday, April 21. 2024

[webapps] Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution

Sunday, April 21. 2024

[webapps] FlatPress v1.3 - Remote Command Execution

Sunday, April 21. 2024

OpenBSD Journal

Passphrase timeout for disk decryption at boot added (potential battery lifesaver)

Friday, April 26. 2024

Game of Trees 0.98 released

Wednesday, April 24. 2024

pfctl(8) and systat(8) to display fragment reassembly statistics

Tuesday, April 23. 2024

Coming soon to a -current system near you: parallel raw IP input

Thursday, April 18. 2024

In -current, default write format for tar(1) changed to "pax"

Wednesday, April 17. 2024

OpenSMTPD 7.5.0p0 Released

Wednesday, April 10. 2024

20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09)

Tuesday, April 9. 2024

OpenBSD 7.5 released

Friday, April 5. 2024

LibreSSL 3.8.4 and 3.9.1 released

Thursday, March 28. 2024

Archives

Blog Administration

Open login screen

Imprint | Contact | Privacy Statement

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170