
cPanel "objcache" cross-site scripting vulnerability

Tuesday, 13 February 2007

A new version of cPanel is available; it fixes a vulnerability that could be exploited by malicious people to conduct cross-site scripting attacks.



Uphotogallery <= v1.1 "thumbnails.asp" and "images_archive.asp" XSS

Tuesday, 6 February 2007

Doz from hackerscenter.com has reported a cross-site scripting vulnerability in Uphotogallery. Malicious people can exploit this vulnerability to perform XSS attacks.



PHP Link Directory <= v3.0.6 administration page XSS vulnerability

Tuesday, 6 February 2007

A cross-site scripting vulnerability in PHP Link Directory has been discovered by Jussi Vuokko and Henri Lindberg. Malicious people can trick the phpLD admin into validating a submitted link and gain administrative access.



Safari improper parse of HTML tags and BlogSpot.com XSS vulnerability

Tuesday, 6 February 2007

Two vulnerabilities, one in the Safari web browser and one in BlogSpot.com, have been discovered by Jose Avila. Malicious people can exploit the Safari vulnerability to execute HTML tags within comments. Comments in blogs hosted on BlogSpot can be injected with malicious scripts.



Movable Type <= v3.33 XSS filter evasion vulnerability

Tuesday, 6 February 2007

A way to evade the XSS filter of Movable Type has been discovered by teracci2002. Malicious people can exploit this vulnerability to steal cookies and deface websites.



FlashChat <= v4.7.8 - "info.php" XSS vulnerability

Tuesday, 6 February 2007

A script insertion vulnerability in FlashChat has been discovered by binaryloc. Malicious people can exploit this vulnerability to perform XSS attacks. A patch is not yet available from the vendor. An unofficial patch is available on binaryloc's website.


