IT 技术
计算机
网络
安全漏洞
网站优化


URFDS: Systematic discovery of Unvalidated Redirects and Forwards in web applications

Author:
Jing Wang, Hongjun Wu
School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore

Abstract:
URL redirection is necessary in web applications. Well-designed redirection makes better...

白帽子计算机安全:

IT 计算机信息网络安全技术:

Daily Mail Online Website XSS Cyber Security Zero-Day Vulnerability



Website Description:
“The Daily Mail is a British daily middle-market tabloid newspaper owned by the Daily Mail and General Trust. First published in 1896 by Lord Northcliffe, it is the United Kingdom...

白帽子计算机安全:

Daily mail Registration Page Unvalidated Redirects and Forwards & XSS Web Security Problem


Website Description:
"The Daily Mail is a British daily middle-market tabloid newspaper owned by the Daily Mail and General Trust. First published in 1896 by Lord Northcliffe,...

日常生活點滴的記錄:

IT 计算机信息网络安全技术:

TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks


Website Description:
http://www.telegraph.co.uk


"The Daily Telegraph is a British daily morning English-language broadsheet newspaper, published in London by Telegraph...

白帽子计算机安全:

IT 计算机信息网络安全技术:

VuFind 1.0 Reflected XSS (Cross-site Scripting) Application 0-Day Web Security Bug



Exploit Title: VuFind Results? &lookfor parameter Reflected XSS Web Security Vulnerability

Product: VuFind

Vendor: VuFind

Vulnerable Versions: 1.0

Tested Version...

白帽子计算机安全:

KnowledgeTree OSS 3.0.3b Application Reflected XSS (Cross-site Scripting) Web Security 0Day Vulnerability



Exploit Title: KnowledgeTree login.php &errorMessage parameter Reflected XSS Web Security Vulnerability

Product: Knowledge Tree Document Management System

Vendor: Knowledge...

Winmail Server 4.2 Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug

Exploit Title: Winmail Server badlogin.php &lid parameter Reflected XSS Web Security Vulnerability
Product: Winmail Server
Vendor: Winmail Server
Vulnerable Versions: 4.2   4.1
Tested Version: 4.2   4...

日常生活點滴的記錄:

IT 计算机信息网络安全技术:

All Links in Two Topics of Indiatimes (indiatimes.com) Are Vulnerable to XSS (Cross Site Scripting) Attacks



(1) Domain Description:
http://www.indiatimes.com


"The Times of India (TOI) is an Indian English-language daily newspaper. It is the third...

Web Technology:

CVE-2014-8753  Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities


Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities

Product: Cit-e-Access

Vendor: Cit-e-Net

Vulnerable Versions: Version 6

Tested Version

数学日记:

IT 计算机信息网络安全技术:

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Web Security Vulnerabilities


Vulnerability Description:
About.com all “topic sites” are vulnerable to XSS (Cross-Site Scripting...

© IT 计算机&信息网络 技术 | Powered by LOFTER