- Vuln: Mahara Resume Blocktype Cross Site Scripting Vulnerability
- Vuln: Mahara Admin Password Reset Security Bypass Vulnerability
- Vuln: Google Chrome prior to 3.0.195.32 Multiple Security Vulnerabilities
- Vuln: Multiple Horde Products Cross-Site Scripting Vulnerabilities and File Overwrite Vulnerability
- Vuln: Mod_Perl Path_Info Remote Denial Of Service Vulnerability
- Vuln: Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
- Vuln: FreeBSD 'fifo_vnops.c' Resource Leak Local Denial of Service Vulnerability
- Vuln: Citrix NetScaler and Access Gateway Denial Of Service Vulnerability
- Vuln: PDFLib 'open_basedir' Restriction Bypass Vulnerability
- Vuln: Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
Search Result
Best of Application Security (Friday, Nov. 6)
Category: Network Security & Hacking News/Latest Security News
... Security 2009 will be selected! Another fine method to exploit SQL Injection and bypass WAF Security and Facebook Platform When Is More Important Than Where in Web Application Security Apple - XSS Attack ...Friday, 06 November 2009 -
Vuln: Drupal Zoomify Module 'node title' HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Zoomify Module 'node title' HTML Injection Vulnerability Read Full Article ...Wednesday, 04 November 2009 -
Vuln: Drupal Organic Groups Vocabulary Group Title HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Organic Groups Vocabulary Group Title HTML Injection Vulnerability Read Full Article ...Wednesday, 04 November 2009 -
Vuln: Drupal Link Module 'Link Title' HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Link Module 'Link Title' HTML Injection Vulnerability Read Full Article ...Wednesday, 04 November 2009 -
3 Tips to Improve Your Organization’s Application Security
Category: Network Security & Hacking News/Latest Security News
... developers evaluate outdated applications, for instance, will go a long way toward preventing any potential vulnerabilities from being exploited. SQL injection and XSS account for 32% of all incidents ...Wednesday, 04 November 2009 -
Vuln: Best Practical Solutions RT 'Custom Field' HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Best Practical Solutions RT 'Custom Field' HTML Injection Vulnerability Read Full Article ...Tuesday, 03 November 2009 -
Vuln: Drupal S5 Presentation Player Module HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal S5 Presentation Player Module HTML Injection Vulnerability Read Full Article ...Tuesday, 03 November 2009 -
Vuln: Roundcube Webmail Background Attributes Email Message HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Roundcube Webmail Background Attributes Email Message HTML Injection Vulnerability Read Full Article ...Tuesday, 03 November 2009 -
Microsoft report says more worms, Vista better, file formats security
Category: Network Security & Hacking News/Latest Security News
... Phishing and Automated SQL Injection Attempts are on the rise. Browser Based Exploits are increasing. You can get the report @ MS Threat Center Microsoft has released their latest Security Intelligence ...Monday, 02 November 2009 -
Pricing Scheme for a DDoS Extortion Attack
Category: Network Security & Hacking News/Latest Security News
... all of which originally developed thanks to the "malicious economies of scale" (massive SQL injections through search engines' reconnaissance, standardizing the social engineering process, the money mule ...Monday, 02 November 2009 -
Vuln: Xerox Fiery WebTools 'summary.php' SQL Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Xerox Fiery WebTools 'summary.php' SQL Injection Vulnerability Read Full Article ...Monday, 02 November 2009 -
Software Security Initiatives: Maturity Models, Metrics and Business Cases
Category: Network Security & Hacking News/Latest Security News
... from public sources such as datalossdb.org and WHID to estimate a probability of a data loss related to a web application exploit such as SQL injection. For the impact, I will refer to a population of ...Sunday, 01 November 2009 -
Vuln: PunBB 'pun_attachment' extension SQL Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
PunBB 'pun_attachment' extension SQL Injection Vulnerability Read Full Article ...Wednesday, 28 October 2009 -
Vuln: Drupal Workflow Module Multiple HTML Injection Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Workflow Module Multiple HTML Injection Vulnerabilities Read Full Article ...Wednesday, 28 October 2009 -
Designing and Tuning High-Performance Fuel Injection Systems (Paperback) newly tagged "programming"
Category: Network Security & Hacking Products/Programming
Designing and Tuning High-Performance Fuel Injection Systems (Paperback) By Greg Banish Buy new: $16.47 16 used and new from $15.81 Customer Rating: First tagged ...Wednesday, 28 October 2009 -
Beltway Sniper John Allen Muhammad Scheduled for Execution
Category: Network Security & Hacking News/Global Security News
Convicted Beltway sniper John Allen Muhammad is scheduled to be executed by lethal injection November 10, a Virginia corrections official said Tuesday. Muhammad was offered a choice in method of execution, ...Tuesday, 27 October 2009 -
Ongoing FDIC Spam Campaign Serves Zeus Crimeware
Category: Network Security & Hacking News/Latest Security News
... Scams Fast-Fluxing SQL injection attacks executed from the Asprox botnet This post has been reproduced from Dancho Danchev's blog. Read Full Article ...Tuesday, 27 October 2009 -
Vuln: Drupal Insert Node Module HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Insert Node Module HTML Injection Vulnerability Read Full Article ...Tuesday, 27 October 2009 -
Review of Hacking Exposed: Web 2.0 Posted
Category: Network Security & Hacking News/Latest Security News
... example, p 8 mentions using prepared statements as a defense against SQL injection. However, only a paragraph on the topic appears, with no code samples (unlike TWAHH). Note: McGraw-Hill Osborne provided ...Monday, 26 October 2009 -
Review of Web Security Testing Cookbook Posted
Category: Network Security & Hacking News/Latest Security News
... and SQL Injection Attacks and Defense (SIAAD). Is there really a need for another Web security book like Web Security Testing Cookbook (WSTC)? The answer is an emphatic yes. While TWAHH and SIAAD include ...Monday, 26 October 2009 -
Review of SQL Injection Attacks and Defense Posted
Category: Network Security & Hacking News/Latest Security News
Amazon.com just posted my five star review of SQL Injection Attacks and Defense by Justin Clarke, et al. From the review: I just finished reviewing The Web Application Hacker's Handbook, calling it a ...Monday, 26 October 2009 -
Vuln: Joomla! 'com_photoblog' Component 'category' Parameter SQL Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Joomla! 'com_photoblog' Component 'category' Parameter SQL Injection Vulnerability Read Full Article ...Sunday, 25 October 2009 -
Vuln: Joomla! 'com_jshop' Component 'pid' Parameter SQL Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Joomla! 'com_jshop' Component 'pid' Parameter SQL Injection Vulnerability Read Full Article ...Sunday, 25 October 2009 -
Vuln: Oracle Database Text Component 'ctxsys.drvxtabc.create_tables' Remote SQL Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Oracle Database Text Component 'ctxsys.drvxtabc.create_tables' Remote SQL Injection Vulnerability Read Full Article ...Sunday, 25 October 2009 -
Typo3 update closes numerous critical holes
Category: Network Security & Hacking News/Latest Security News
The problems include cross-site scripting vulnerabilities, SQL injection holes and the possibility to submit and run commands on the system shell ...Friday, 23 October 2009 -
Vuln: Websense Email Security Cross Site Scripting and HTML Injection Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
Websense Email Security Cross Site Scripting and HTML Injection Vulnerabilities Read Full Article ...Thursday, 22 October 2009 -
Vuln: Drupal Moodle Course List Module Unspecified SQL Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Moodle Course List Module Unspecified SQL Injection Vulnerability Read Full Article ...Wednesday, 21 October 2009 -
Vuln: Drupal Flag Content Module HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Flag Content Module HTML Injection Vulnerability Read Full Article ...Wednesday, 21 October 2009 -
Vuln: Drupal Organic Groups Vocabulary Group Title HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Organic Groups Vocabulary Group Title HTML Injection Vulnerability Read Full Article ...Wednesday, 21 October 2009 -
Vuln: Cisco IOS HTTP Service CDP Status Page HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Cisco IOS HTTP Service CDP Status Page HTML Injection Vulnerability Read Full Article ...Wednesday, 21 October 2009 -
White box better than black box
Category: Network Security & Hacking News/Latest Security News
... Now the sample set of apps is not the same so this can only be used as a trend. Static is better than dynamic in 5 out of 7 categories: credential/session prediction, SQL Injection, Path Traversal, Insufficient ...Wednesday, 21 October 2009 -
SQL Injection Attacks and Defense Book Review
Category: Network Security & Hacking News/Latest Security News
SQL Injection Attacks and Defense Book Review Justin Clarke (and others) 5 stars Most Up To Date and Digestible Book on SQL Injection First off, kudos to Syngress for putting out a high quality book. ...Tuesday, 20 October 2009 -
Vuln: OpenDocMan Cross Site Scripting and SQL Injection Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
OpenDocMan Cross Site Scripting and SQL Injection Vulnerabilities Read Full Article ...Tuesday, 20 October 2009 -
Fortify warns new WiFi Standard could pose major security threat
Category: Network Security & Hacking News/Latest Security News
... this form of back door hacking, mobile devices rarely have robust enough code to stop network nasties such as SQL Injections and the like. Companies are now putting more applications on their mobile devices, ...Tuesday, 20 October 2009 -
Vuln: Mozilla Bugzilla 'Bug.create()' WebService Function SQL Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Mozilla Bugzilla 'Bug.create()' WebService Function SQL Injection Vulnerability Read Full Article ...Sunday, 18 October 2009 -
Vuln: Snitz Forums 2000 Cross Site Scripting and HTML Injection Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
Snitz Forums 2000 Cross Site Scripting and HTML Injection Vulnerabilities Read Full Article ...Sunday, 18 October 2009 -
Vuln: Drupal Webform Module HTML Injection and Information Disclosure Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Webform Module HTML Injection and Information Disclosure Vulnerabilities Read Full Article ...Sunday, 18 October 2009 -
Vuln: Joomla! Joomloc Component 'id' Parameter SQL Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Joomla! Joomloc Component 'id' Parameter SQL Injection Vulnerability Read Full Article ...Sunday, 18 October 2009 -
Oracle Hacker's Handbook Book Review
Category: Network Security & Hacking News/Latest Security News
... the market that really covers breaking into Oracle with the exception of The Database Hacker's Handbook which came out in 2005. Justin Clarke's (and others) SQL Injection Book published in 2009 also covers ...Sunday, 18 October 2009 -
phpMyAdmin: XSS and SQL injection vulnerabilities
Category: Network Security & Hacking News/Latest Security News
phpMyAdmin: XSS and SQL injection vulnerabilities Read Full Article ...Friday, 16 October 2009 -
phpMyAdmin Plugs SQL Injection, XSS Flaws
Category: Network Security & Hacking News/Latest Security News
A new version of phpMyAdmin has been released to plug two serious security holes that could lead to SQL injection and cross-site scripting attacks. ...Friday, 16 October 2009 -
New versions of phpMyAdmin close security holes
Category: Network Security & Hacking News/Latest Security News
The previous versions of the MySQL administration system were potentially vulnerable to cross-site scripting attacks and the injection of arbitrary SQL commands ...Thursday, 15 October 2009 -
Vuln: phpMyAdmin Unspecified SQL Injection and Cross Site Scripting Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
phpMyAdmin Unspecified SQL Injection and Cross Site Scripting Vulnerabilities Read Full Article ...Thursday, 15 October 2009 -
Vuln: Drupal Printer, e-mail and PDF version Module Security Bypass and HTML Injection Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Printer, e-mail and PDF version Module Security Bypass and HTML Injection Vulnerabilities Read Full Article ...Thursday, 15 October 2009 -
Vuln: Drupal RealName Module HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal RealName Module HTML Injection Vulnerability Read Full Article ...Thursday, 15 October 2009 -
Security vulnerabilities fixed in multiple CA products
Category: Network Security & Hacking News/Latest Security News
Unpatched, 13 CA products allow malicious code injection on unpacking RAR archives Read Full Article ...Thursday, 15 October 2009 -
Louisville Metro Infosec 2009
Category: Network Security & Hacking News/Latest Security News
... access to your data You can chain multiple web proxies together to collect more results and better formulate attacks (e.g., chaining WebScarab through Ratproxy) SQL injection vulnerabilities not only ...Thursday, 15 October 2009 -
ha.ckers: JavaScript Protocol Comment Newline Injection
Category: Network Security & Hacking News/Latest Security News
ha.ckers: JavaScript Protocol Comment Newline Injection Read Full Article ...Wednesday, 14 October 2009 -
Vuln: Drupal Service Links Component Content Type Names HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Drupal Service Links Component Content Type Names HTML Injection Vulnerability Read Full Article ...Tuesday, 13 October 2009
