- Vuln: Mahara Resume Blocktype Cross Site Scripting Vulnerability
- Vuln: Mahara Admin Password Reset Security Bypass Vulnerability
- Vuln: eCryptfs 'parse_tag_3_packet()' Packet Heap Based Buffer Overflow Vulnerability
- Vuln: Cisco VPN Client for Windows 'StartServiceCtrlDispatche' Local Denial of Service Vulnerability
- Vuln: HP OpenView Network Node Manager 'ovdbrun.exe' Denial of Service Vulnerability
- Vuln: PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
- Vuln: KDE KDELibs 'dtoa()' Remote Code Execution Vulnerability
- Vuln: PEAR Sendmail 'From' Parameter Arbitrary Argument Injection Vulnerability
- Vuln: IBM Rational Products Multiple Cross Site Scripting Vulnerabilities
- Vuln: Microsoft Internet Explorer 'Style' Object Remote Code Execution Vulnerability
Search
Search Result
-
An Ounce of Prevention is Worth a Pound of Cure
Category: Network Security & Hacking News/Latest Security News
... to SQL injection. For example, consider cross-site scripting (XSS): DEVELOPER I need you to prove that this XSS flaw is exploitable. ME How about just applying the proper output encoding so you know ...Friday, 20 November 2009 -
Firefox Patch Tuesday
Category: Network Security & Hacking News/Latest Security News
... link: The user. Vulnerabilities such as XSS, XSF, drive-by downloads, etc. are almost always triggered by trusted, authenticated and authorized users on the network. Conclusion: I just touched on this ...Monday, 09 November 2009 -
Sun Alert 271169 Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS) Web Interface in OpenSolaris May Lead to Cross-Site Scripting (XSS) and HTTP Response Splitting Attacks
Category: Network Security & Hacking News/Global Security News
Product: OpenSolaris The web interface of the Common Unix Printing System (CUPS) in versions 1.4.1 and earlier is impacted by multiple security vulnerabilities which may lead to Cross-Site Scripting (XSS) ...Monday, 09 November 2009 -
Best of Application Security (Friday, Nov. 6)
Category: Network Security & Hacking News/Latest Security News
... Security 2009 will be selected! Another fine method to exploit SQL Injection and bypass WAF Security and Facebook Platform When Is More Important Than Where in Web Application Security Apple - XSS Attack ...Friday, 06 November 2009 -
Sun Alert 272230 Security Vulnerabilities in the Apache 2 "mod_perl2" Module Components "PerlRun.pm" and "Status.pm" May Lead to Denial of Service (DoS) or Unauthorized Access to Data
Category: Network Security & Hacking News/Global Security News
... Apache 2 "httpd" process. The second issue, a Cross Site Scripting (CSS or XSS) vulnerability in the "Status.pm" ... Product: Solaris 10, OpenSolaris Two security vulnerabilities exist in the Apache ...Wednesday, 04 November 2009 -
3 Tips to Improve Your Organization’s Application Security
Category: Network Security & Hacking News/Latest Security News
... developers evaluate outdated applications, for instance, will go a long way toward preventing any potential vulnerabilities from being exploited. SQL injection and XSS account for 32% of all indents ...Wednesday, 04 November 2009 -
3 Tips to Improve Your Organization’s Application Security
Category: Network Security & Hacking News/Latest Security News
... developers evaluate outdated applications, for instance, will go a long way toward preventing any potential vulnerabilities from being exploited. SQL injection and XSS account for 32% of all indents ...Wednesday, 04 November 2009 -
Best of Application Security (Friday, Oct. 30)
Category: Network Security & Hacking News/Latest Security News
... Infection Library Infrastructure fingerprinting via XSS DNS Rebinding in Firefox Output Validation using the OWASP ESAPI Google Wave as a Tool for Hacking Announcing the release of the Enhanced Mitigation ...Friday, 30 October 2009 -
Enterprise Open Source Intelligence Gathering – Part 2 Blogs, Message Boards and Metadata
Category: Network Security & Hacking News/Latest Security News
... Vault www.vault.com (job/employee discussions) Google Finance http://www.google.com/finance (search for company stock symbol and check out the discussions) XSSed http://www.xssed.com/ (XSS security ...Wednesday, 28 October 2009 -
Infrastructure fingerprinting via XSS
Category: Network Security & Hacking News/Latest Security News
Yokoso! is an infrastructure fingerprinting system delivered via XSS attack. This project contains two different parts; the fingerprints and modules for the various browser exploit frameworks. The ... ...Tuesday, 27 October 2009 -
Hacking Crazy Taxi
Category: Network Security & Hacking News/Latest Security News
... the Tamper Data plugin for Firefox (to catch the obvious ones). The Crazy Taxi Flash does actually submit your score using HTTP in clear text (IIRC they have a reflected XSS there as well), but the GET-param ...Saturday, 17 October 2009 -
phpMyAdmin: XSS and SQL injection vulnerabilities
Category: Network Security & Hacking News/Latest Security News
phpMyAdmin: XSS and SQL injection vulnerabilities phpMyAdmin: XSS and SQL injection vulnerabilities Read Full Article ...Friday, 16 October 2009 -
phpMyAdmin Plugs SQL Injection, XSS Flaws
Category: Network Security & Hacking News/Latest Security News
A new version of phpMyAdmin has been released to plug two serious security holes that could lead to SQL injection and cross-site scripting attacks. A new version of phpMyAdmin has been released to plug ...Friday, 16 October 2009 -
Best of Application Security (Friday, Oct. 9)
Category: Network Security & Hacking News/Latest Security News
... Through Performance Monitoring XSS Protection by Default in Rails 3.0 WhiteHat Security is a leading provider of website security services. Ten of Application Security industry's coolest, most ...Friday, 09 October 2009 -
Hacking CGI - Security And Exploitation
Category: Network Security & Hacking Articles/Legacy Security Articles
... is pretty bad since it confuses people with Cascading Style Sheets, so XSS is what I'll call it from now on. XSS isn't really a very dangerous problem in most situations, but as I discussed in detail ...Saturday, 03 October 2009 -
Penetration Testing for Web Applications
Category: Network Security & Hacking Articles/Legacy Security Articles
... the user's browser). Cross Site Scripting (XSS) occurs wherever a developer incorrectly allows a user to manipulate HTML output from the application - this may be in the result of a search query, or any ...Saturday, 03 October 2009 -
WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
Read Full ArticleSunday, 20 September 2009 -
Bugtraq: [DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
HP LaserJet printers - Multiple Stored XSS vulnerabilities Read Full Article ...Monday, 29 November 1999 -
Bugtraq: [BONSAI] XSS in Achievo - Customized XSS payload included
Category: Network Security & Hacking News/Security Exploits and Security Patches
XSS in Achievo - Customized XSS payload included Read Full Article ...Monday, 29 November 1999 -
Bugtraq: [security bulletin] HPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS) Cross-Site Scripting (XSS) Unauthorized Access
Category: Network Security & Hacking News/Security Exploits and Security Patches
HPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS) Cross-Site Scripting (XSS) Unauthorized Access Read Full Article ...Monday, 29 November 1999 -
Bugtraq: Fwd: {Lostmon´s Group} Re: Wowd search client multiple variable xss (solution)
Category: Network Security & Hacking News/Security Exploits and Security Patches
Fwd: Re: Wowd search client multiple variable xss (solution) Read Full Article ...Monday, 29 November 1999 -
Bugtraq: Auto Manager admin.cgi Multiple Field XSS
Category: Network Security & Hacking News/Security Exploits and Security Patches
Auto Manager admin.cgi Multiple Field XSS Read Full Article ...Monday, 29 November 1999 -
Bugtraq: AssetsSoSimple supplier_admin.php Supplier Field XSS
Category: Network Security & Hacking News/Security Exploits and Security Patches
AssetsSoSimple supplier_admin.php Supplier Field XSS Read Full Article ...Monday, 29 November 1999 -
GSO Rules & Regulations
Category: 'Uncategorised Content'
... will lead to banning. 14) Attacks on the forum, in any sense includes XSS, SQL injection anything that can be found to be malicious to the users of GSO or the server itself will be dealt with by banning, ...Sunday, 04 October 2009 -
Hacking Articles
Category: 'Uncategorised Content'
... up a Warez site. So what is all the media fuss about XSS? Detection of SQL Injection and Cross-site Scripting Attacks Root Kits FAQ Rootkits - How Intruders Hide Promiscuous ...Friday, 02 October 2009
