Orkut Server Side Session Management Error

Friday, 22 June 2007

Susam Pal and Vipul Agarwal have discovered two vulnerabilities in Google Orkut, they could be exploited by malicious people to hijack a user's session.

TDizin "ara" Cross-Site Scripting Vulnerability

Tuesday, 19 June 2007

A vulnerability has been reported in TDizin, which can be exploited by malicious people to conduct cross-site scripting attacks.

PHP Hosting Biller "order.php" Cross-Site Scripting Vulnerability

Tuesday, 19 June 2007

serapis.net has discovered a vulnerability in PHP Hosting Biller, which can be exploited by malicious people to conduct cross-site scripting attacks.

Papoo CMS - Multiple Cross Site Scripting Vulnerabilities

Tuesday, 19 June 2007

The Papoo Content Management System is prone to multiple Cross Site Scripting vulnerabilities. The application fails to sanitize user input from certain characters in three cases.

Apache Tomcat XSS vulnerability in Accept-Language header processing

Tuesday, 19 June 2007

Web pages that display the Accept-Language header value sent by the client are susceptible to a cross-site scripting attack if they assume the Accept-Language header value conforms to RFC 2616.

Digirez Two Cross-Site Scripting Vulnerabilities

Monday, 28 May 2007

Linux_Drox has reported two vulnerabilities in Digirez, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "Room_name" parameter in /room/info_book.asp and "curYear" parameter in /room/week.asp are not properly sanitised before being returned to a user.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

45884 total xss 14724 special xss 3026 fixed 5328 xss onhold 2933 EW subscribers

Tweets about ""cross site scripting" OR from:xssedcom"