Advertisements

Orkut Server Side Session Management Error

Saturday, 23 June 2007

Susam Pal and Vipul Agarwal have discovered two vulnerabilities in Google Orkut, they could be exploited by malicious people to hijack a user's session.


read more...

TDizin "ara" Cross-Site Scripting Vulnerability

Tuesday, 19 June 2007

A vulnerability has been reported in TDizin, which can be exploited by malicious people to conduct cross-site scripting attacks.


read more...

PHP Hosting Biller "order.php" Cross-Site Scripting Vulnerability

Tuesday, 19 June 2007

serapis.net has discovered a vulnerability in PHP Hosting Biller, which can be exploited by malicious people to conduct cross-site scripting attacks.


read more...

Papoo CMS - Multiple Cross Site Scripting Vulnerabilities

Tuesday, 19 June 2007

The Papoo Content Management System is prone to multiple Cross Site Scripting vulnerabilities. The application fails to sanitize user input from certain characters in three cases.


read more...

Apache Tomcat XSS vulnerability in Accept-Language header processing

Tuesday, 19 June 2007

Web pages that display the Accept-Language header value sent by the client are susceptible to a cross-site scripting attack if they assume the Accept-Language header value conforms to RFC 2616.


read more...

Digirez Two Cross-Site Scripting Vulnerabilities

Monday, 28 May 2007

Linux_Drox has reported two vulnerabilities in Digirez, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "Room_name" parameter in /room/info_book.asp and "curYear" parameter in /room/week.asp are not properly sanitised before being returned to a user.


read more...

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 

 

45884 total xss
14724 special xss
3026 fixed
5046 xss onhold
2792 EW subscribers

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.