Entries Tagged with ‘redirection vulnerability’
Please view the original advisory/exploit here. The Porn Tube Search Script from the vendor Mechbunny suffers from Cross-Site Scripting and Redirection vulnerabilities.
(Continue reading…)-
Register here Blog about Xen, IT-Security, Linux and other stuff by Valentin Höbel.
Valentin Höbel
valentin@xenuser.org
xenuser@Twitter 
Files ≈ Packet Storm- Asterisk Project Security Advisory - AST-2015-002
- Kaseya Browser 7.0 Android Path Traversal
- Pexip Infinity Non-Unique SSH Host Keys
- MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection
- Kaseya BYOD Gateway 7.0.2 SSL Certificate Validation / Redirection
- ManageEngine Firewall Analyzer 8.0 Directory Traversal / XSS
- AirWatch Direct Object Reference
- UniPDF 1.1 Buffer Overflow / Denial Of Service
- ClearSCADA Remote Authentication Bypass
- Slackware Security Advisory - glibc Updates
- ManageEngine File Download / Content Disclosure / SQL Injection
- Fortinet FortiOS Denial Of Service / Man-In-The-Middle
- Fortinet FortiClient Hardcoded Encryption Keys / Broken SSL Validation
- Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation
- Asterisk Project Security Advisory - AST-2015-001
- SupportCenter Plus 7.9 Cross Site Scripting
- Fortinet FortiAuthenticator XSS / Disclosure / Bypass
- Blubrry PowerPress 6.0 Cross Site Scripting
- Cisco Meraki Systems Manager CSRF / XSS / Functionality Abuse
- Cisco Security Advisory 20150128-ghost
- Exploit-DB updates
- [remote] - VSAT Sailor 900 - Remote Exploit
- [dos] - FreeBSD Kernel Multiple Vulnerabilities
- [papers] - Analysis of CVE-2014-4113 (Windows Privilege Escalation Vulnerability)
- [local] - UniPDF 1.1 - Crash PoC (SEH overwritten)
- [local] - Microsoft Windows Server 2003 SP2 - Privilege Escalation
- [webapps] - ManageEngine Firewall Analyzer 8.0 - Directory Traversal/XSS Vulnerabilities
- [local] - OS X < 10.10.x - Gatekeeper bypass Vulnerability
- [remote] - ClearSCADA - Remote Authentication Bypass Exploit
- [remote] - D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit
- [webapps] - Symantec Data Center Security - Multiple Vulnerabilities
- Xen Project Blog
- Xen Project @ FOSDEM
- CES 2015: Smart Cars are the New Smart Phone
- Future of Xen Project: Video Spotlight Interview with Intel’s Donald Dugger
- Less is More in the New Xen Project 4.5 Release
- Using Grub 2 as a bootloader for Xen PV guests
- Xen Project 4.5 Release Candidate 4 Test Day on December 17, 2014
- Xen Project Contributor Training
- 4.5 RC3 Test Day on Thursday December 4, 2014