Entries Tagged with ‘redirection vulnerability’
Please view the original advisory/exploit here. The Porn Tube Search Script from the vendor Mechbunny suffers from Cross-Site Scripting and Redirection vulnerabilities.
(Continue reading…)-
Register here Blog about Xen, IT-Security, Linux and other stuff by Valentin Höbel.
Valentin Höbel
valentin@xenuser.org
xenuser@Twitter 
Files ≈ Packet Storm- Bugzilla 3.x / 4.x Cross Site Request Forgery
- Debian Security Advisory 2989-1
- Debian Security Advisory 2988-1
- Netgear DGN2200 Password Disclosure
- Moodle 2.7 Cross Site Scripting
- Zenoss Monitoring System 4.2.5-2108 Cross Site Scripting
- Easy File Sharing Persistent Cross Site Scripting
- MQAC.sys Arbitrary Write Privilege Escalation
- BulletProof FTP Client 2010 Buffer Overflow
- Ubiquiti AirVision Controller 2.1.3 Weak Settings
- Ubiquiti UbiFi Controller 2.4.5 Password Hash Disclosure
- Pligg 2.0.1 SQL Injection / Command Execution
- Plesk Sitebuilder XSS / Bypass / Shell Upload / File Download
- Make 3.81 Heap Overflow
- Lian Li NAS Hardcoded Cookie / Bypass / Privilege Escalation
- Omeka 2.2.1 Remote Code Execution
- UniFi / mFi / AirVision Cross Site Request Forgery
- HP Security Bulletin HPSBMU03076
- HP Security Bulletin HPSBMU03074
- Ubuntu Security Notice USN-2300-1
- Exploit-DB updates
- [webapps] - Sagem Fast 3304-V1 - Denial Of Service Vulnerability
- [webapps] - ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability
- [webapps] - Moodle 2.7 - Persistent XSS
- [webapps] - DirPHP 1.0 - LFI Vulnerability
- [webapps] - Zenoss Monitoring System 4.2.5-2108 64bit - Stored XSS
- [local] - MQAC.sys Arbitrary Write Privilege Escalation
- [webapps] - Pligg 2.0.1 - Multiple Vulnerabilities
- [dos] - Make 3.81 - Heap Overflow PoC
- [webapps] - Lian Li NAS - Multiple Vulnerabilities
- [dos] - BulletProof FTP Client 2010 - Buffer Overflow (SEH)
- blog.xen.org
- Mirage OS v2.0: The new features
- XCP Wiki Pages Have Been Migrated to Wiki.XenServer.org
- Mark Your Calendars! Great Xen Project Events Coming in August and September 2014
- The Docker exploit and the security of containers
- Release management: Risk, intuition, and freeze exceptions
- Developer Summit Line-up Announced
- How fast is Xen on ARM, really?
- Welcoming Cavium as latest Xen Project Advisory Board member
- June 2014 Brings Bumper Crop of Xen Project Talks to the US
- Welcoming Rackspace as Xen Project Advisory Board member