Entries Tagged with ‘redirection vulnerability’
Please view the original advisory/exploit here. The Porn Tube Search Script from the vendor Mechbunny suffers from Cross-Site Scripting and Redirection vulnerabilities.
(Continue reading…)-
Register here Blog about Xen, IT-Security, Linux and other stuff by Valentin Höbel.
Valentin Höbel
valentin@xenuser.org
xenuser@Twitter 
Files ≈ Packet Storm- Wireless Transfer App 3.7 Command Injection
- Sonicwall GMS 7.x Filter Bypass
- NagiosQL 3.2.0 SP2 Cross Site Scripting
- RedAxScript 1.1 SQL Injection
- NeoBill 0.9-alpha eCommerce Command Execution / SQL Injection / LFI
- Red Hat Security Advisory 2013-1790-01
- Red Hat Security Advisory 2013-1794-01
- Ubuntu Security Notice USN-2048-1
- Red Hat Security Advisory 2013-1793-01
- Red Hat Security Advisory 2013-1791-01
- Red Hat Security Advisory 2013-1792-01
- Red Hat Security Advisory 2013-1783-01
- WordPress Easy Career Openings SQL Injection
- Lynis Auditing Tool 1.3.6
- Drupal OG Features 6.x Access Bypass
- Debian Security Advisory 2810-1
- Debian Security Advisory 2809-1
- Red Hat Security Advisory 2013-1786-01
- Red Hat Security Advisory 2013-1785-01
- Red Hat Security Advisory 2013-1784-01
- Exploit-DB updates
- [local] - Steinberg MyMp3PRO v5.0 - Buffer Overflow/SEH Buffer Overflow/DEP Bypass with ROP
- [webapps] - BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability
- [papers] - Zine: D-Link DSR Router Series - Remote Root Shell
- [webapps] - WordPress Plugin DZS Video Gallery 3.1.3 - Remote and Local File Disclosure Vulnerability
- [webapps] - Wordpress page-flip-image-gallery plugins Remote File Upload
- [webapps] - D-Link DSR Router Series - Remote Root Shell Exploit
- [webapps] - Zimbra 0day exploit / Privilegie escalation via LFI
- [webapps] - Eaton Network Shutdown Module <= 3.21 - Remote PHP Code Injection
- [webapps] - Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities
- [webapps] - Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities
- blog.xen.org
- Xen on ARM and the Device Tree vs. ACPI debate
- RT-Xen: Real-Time Virtualization in Xen
- Xen Project Well Represented at SUSECon and openSUSE Summit
- Xen Project Developer Summit Slides and Videos are Live
- Xen Project will co-host FOSDEM’14 Virtualisation and IaaS DevRoom
- My first Xen Developer Summit: expectations vs reality
- Announcing the Release of Xen Project 4.3.1
- 10 years of Xen : Transforming a Dinosaur into a Bird (or winged Panda)
- Xen Project to join Round 7 of the Gnome Outreach Program For Women
- Fedora 20 Virtualization Test Day Report