Entries Tagged with ‘redirection vulnerability’
Please view the original advisory/exploit here. The Porn Tube Search Script from the vendor Mechbunny suffers from Cross-Site Scripting and Redirection vulnerabilities.
(Continue reading…)-
Register here Blog about Xen, IT-Security, Linux and other stuff by Valentin Höbel.
Valentin Höbel
valentin@xenuser.org
xenuser@Twitter 
Files ≈ Packet Storm- Symantec Web Gateway 5 restore.php Command Injection
- Mandriva Linux Security Advisory 2015-050
- Seagate Business NAS Unauthenticated Remote Command Execution
- HP Security Bulletin HPSBST03274 1
- D-Link DIR636L Remote Command Injection
- Slim PHP Framework 2.5.0 Weak Cryptography
- RV4sec 2015 Call For Papers
- WordPress Calculated Fields Form 1.0.10 SQL Injection
- ECCMS 1.0 Cross Site Scripting / SQL Injection
- Mandriva Linux Security Advisory 2015-049
- Ubuntu Security Notice USN-2516-2
- ATutor LCMS 2.2 Cross Site Request Forgery
- BEdita CMS 3.5.0 Cross Site Request Forgery / Cross Site Scripting
- Linux CVE-2014-9322 Proof Of Concept
- Linux CVE-2014-4943 Proof Of Concept
- Linux CVE-2014-3631 Proof Of Concept
- Fortimail 5.2.1 Cross Site Scripting
- NetCat CMS 3.12 Remote File Inclusion
- Packet Storm New Exploits For February, 2015
- Swiss File Knife 1.7.4 Buffer Overflow
- Exploit-DB updates
- [local] - Ubisoft Uplay 5.0 - Insecure File Permissions Local Privilege Escalation
- [webapps] - Seagate Business NAS <= 2014.00319 - Pre-Authentication Remote Code Execution (0day)
- [local] - Electronic Arts Origin Client 9.5.5 - Multiple Privilege Escalation Vulnerabilities
- [remote] - Persistent Systems Client Automation Command Injection RCE
- [webapps] - WonderPlugin Audio Player 2.0 - Blind SQL Injection and XSS
- [local] - Realtek 11n Wireless LAN utility - Privilege Escalation
- [remote] - HP Client Automation Command Injection
- [remote] - PCMan FTP Server 2.0.7 - Buffer Overflow - MKD Command
- [webapps] - Beehive Forum 1.4.4 - Stored XSS Vulnerability
- [webapps] - WordPress Webdorado Spider Event Calendar 1.4.9 - SQL Injection
- Xen Project Blog
- Updates to Xen Project Security Process
- Xen Project 4.6 Planning Opens
- Catch Xen Project Talks at SCALE 13X, openSUSE Mini-Summit, & LF Collaboration Summit This Week
- Getting Started With FreeRTOS for Xen on ARM
- Xen Project @ FOSDEM
- CES 2015: Smart Cars are the New Smart Phone
- Future of Xen Project: Video Spotlight Interview with Intel’s Donald Dugger
- Less is More in the New Xen Project 4.5 Release