• About

Hacker Research Topics

~ Hackers, Web Security, Computer Security, Vulnerability Attack …

Hacker Research Topics

Category Archives: SQL Injection

CVE-2015-2563 – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities

12 Tuesday May 2015

Posted by BlackWhite in CVE, SQL Injection

≈ Leave a comment

Tags

0-day, 1.2.3, 2563, bugs, computer-engineering, CVE-2015, database, exploit, I-tech, JingWang, mas, math, php flaw, phpVID, query, sensitive information, singapore, spms, SQL Injection, user data, Vastal, Website Bug

smartphone-safety-security-secure-smartphone

CVE-2015-2563 – Vastal I-tech phpVID 1.2.3 SQL Injection Web Security Vulnerabilities

 

Exploit Title: CVE-2015-2563 Vastal I-tech phpVID /groups.php Multiple Parameters SQL Injection Web Security Vulnerabilities

Product: phpVID

Vendor: Vastal I-tech

Vulnerable Versions: 1.2.3 0.9.9

Tested Version: 1.2.3 0.9.9

Advisory Publication: March 13, 2015

Latest Update: April 25, 2015

Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) [CWE-89]

CVE Reference: CVE-2015-2563

CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Credit: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

 

 

Direction Details:



(1) Vendor & Product Description:



Vendor:

Vastal I-tech

 

Product & Vulnerable Versions:

phpVID

1.2.3

0.9.9

 

 

Vendor URL & Download:

phpVID can be approached from here,

http://www.vastal.com/phpvid-the-video-sharing-software.html#.VP7aQ4V5MxA


Product Introduction Overview:

“phpVID is a video sharing software or a video shating script and has all the features that are needed to run a successful video sharing website like youtube.com. The features include the following. phpVID is the best youtube clone available. The latest features include the parsing of the subtitles file and sharing videos via facebook. With phpVID Video Sharing is extremely easy.”


“The quality of code and the latest web 2.0 technologies have helped our customers to achieve their goals with ease. Almost all customers who have purchased phpVID are running a successful video sharing website. The quality of code has helped in generating more then 3 million video views a month using a “single dedicated server”. phpVID is the only software in market which was built in house and not just purchased from someone. We wrote the code we know the code and we support the code faster then anyone else. Have any questions/concerns please contact us at: info@vastal.com. See demo at: http://www.phpvid.com. If you would like to see admin panel demo please email us at: info@vastal.com.”


“Server Requirements:

Preferred Server: Linux any Version

PHP 4.1.0 or above

MySQL 3.1.10 or above

GD Library 2.0.1 or above

Mod Rewrite and .htaccess enabled on server.

FFMPEG (If you wish to convert the videos to Adobe Flash)”

 

 

(2) Vulnerability Details:

phpVID web application has a computer security bug problem. It can be exploited by SQL Injection attacks. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. Other bug hunter researchers have found some SQL Injection vulnerabilities related to it before, too. phpVID has patched some of them.


Several other similar products 0-day vulnerabilities have been found by some other bug hunter researchers before. phpVID has patched some of them. “Openwall software releases and other related files are also available from the Openwall file archive and its mirrors. You are encouraged to use the mirrors, but be sure to verify the signatures on software you download. The more experienced users and software developers may use our CVSweb server to browse through the source code for most pieces of Openwall software along with revision history information for each source file. We publish articles, make presentations, and offer professional services.” Openwall has published suggestions, advisories, solutions details related to important vulnerabilities.



(2.1) The first code programming flaw occurs at “&order_by” “&cat” parameters in “groups.php?” page.

 

 

 


Related Links:

http://packetstormsecurity.com/files/130754/Vastal-I-tech-phpVID-1.2.3-SQL-Injection.html

https://progressive-comp.com/?l=full-disclosure&m=142601071700617&w=2

http://seclists.org/fulldisclosure/2015/Mar/58

http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1699

http://lists.openwall.net/full-disclosure/2015/03/10/8

http://static-173-79-223-25.washdc.fios.verizon.net/?l=full-disclosure&m=142601071700617&w=2

http://www.tetraph.com/blog/xss-vulnerability/cve-2015-2563/

http://static-173-79-223-25.washdc.fios.verizon.net/?l=full-disclosure&m=142551597501701&w=2

https://cxsecurity.com/issue/WLB-2015020091

https://www.facebook.com/permalink.php?story_fbid=935563809832135&id=874373602617823

http://t.qq.com/p/t/482410003538035

http://biboying.lofter.com/post/1cc9f4f5_6ee2aa5

http://mathpost.tumblr.com/post/118768553885/xingti-cve-2015-2563-vastal-i-tech-phpvid

http://essayjeans.lofter.com/post/1cc7459a_6ee4fcb

http://xingti.tumblr.com/post/118768481545/cve-2015-2563-vastal-i-tech-phpvid-1-2-3-sql

https://plus.google.com/113698571167401884560/posts/gftS84rfD3A

https://itswift.wordpress.com/2015/05/12/cve-2015-2563-vastal-i-tech-phpvid/

https://www.facebook.com/essayjeans/posts/827458144012006

https://tetraph.wordpress.com/2015/05/12/cve-2015-2563-vastal-i-tech-phpvid/

http://mathstopic.blogspot.com/2015/05/cve-2015-2563-vastal-i-tech-phpvid-123.html

http://yurusi.blogspot.sg/2015/05/cve-2015-2563-vastal-i-tech-phpvid-123.html

https://twitter.com/tetraphibious/status/598057025247907840

http://tetraph.blog.163.com/blog/static/23460305120154125453111/


CVE-2015-2242 – Webshop hun v1.062S SQL Injection Web Security Vulnerabilities

11 Monday May 2015

Posted by BlackWhite in CVE, SQL Injection

≈ Leave a comment

Tags

0-day Exploit, 2015-2242, attack-defense, computer technology, cve, Information Security, IT defense, php-code flaw bug, SQL Injection, v1.062S, vulnerability, Web Security, Webshop hun, whitehat test technology

shutterstock_90909827-e1353008050857

CVE-2015-2242 – Webshop hun v1.062S SQL Injection Web Security Vulnerabilities



Exploit Title: CVE-2015-2242 Webshop hun v1.062S /index.php Multiple Parameters SQL Injection Web Security Vulnerabilities

Product: Webshop hun

Vendor: Webshop hun

Vulnerable Versions: v1.062S

Tested Version: v1.062S

Advisory Publication: February 21, 2015

Latest Update: March 10, 2015

Vulnerability Type: Improper Control of Generation of Code (‘Code Injection’) [CWE-94]

CVE Reference: CVE-2015-2242

CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Credit: Wang Jing [School of  Mathematical Sciences (001), University of Science and Technology of China (USTC)] (@justqdjing)








Persuasion Details:



(1) Vendor & Product Description:



Vendor:

Webshop hun



Product & Version:

Webshop hun

v1.062S



Vendor URL & Download:

Webshop hun can be token from here,

http://www.webshophun.hu/index



Product Introduction Overview:

Webshop hun is an online product sell web application system.


“If our webshop you want to distribute your products, but it is too expensive to find on the internet found solutions, select the Webshop Hun shop program and get web store for free and total maker banner must display at the bottom of the page 468×60 size. The download shop program, there is no product piece limit nor any quantitative restrictions, can be used immediately after installation video which we provide assistance.


“The Hun Shop store for a free for all. In our experience, the most dynamic web solutions ranging from our country. If the Webshop Hun own image does not suit you, you can also customize the look of some of the images and the corresponding text replacement, or an extra charge we can realize your ideas. The Webshop Hun pages search engine optimized. They made the Hun Shop web program to meet efficiency guidelines for the search engines. The pages are easy to read and contain no unnecessary HTML tags. Any web page is simply a few clicks away.”






(2) Vulnerability Details:

Webshop hun web application has a computer security bug problem. It can be exploited by SQL Injection attacks. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Several similar products 0-day vulnerabilities have been found by some other bug hunter researchers before. Webshop hun has patched some of them. Open Sourced Vulnerability Database (OSVDB) is an independent and open-sourced database. The goal of the project is to provide accurate, detailed, current, and unbiased technical information on security vulnerabilities. The project promotes greater, open collaboration between companies and individuals. It has published suggestions, advisories, solutions details related to important vulnerabilities.


(2.1) The vulnerability occurs at “&termid” “&nyelv_id” parameters in “index.php?” page.








References:

http://seclists.org/fulldisclosure/2015/Mar/27

http://lists.openwall.net/full-disclosure/2015/03/05/6

http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1667

http://packetstormsecurity.com/files/130656/Webshop-Hun-1.062S-SQL-Injection.html

https://progressive-comp.com/?l=full-disclosure&m=142551597501701&w=2

http://mathswift.blogspot.com/2015/05/cve-2015-2242-webshop-hun-v1062s-sql.html

https://www.mail-archive.com/fulldisclosure%40seclists.org/msg01739.html

https://itinfotechnology.wordpress.com/2015/03/04/webshop-hun-v1-062s-sql-injection-security-vulnerabilities/

http://lists.kde.org/?a=139222176300014&r=1&w=2

https://plus.google.com/u/0/+JingWang-tetraph-justqdjing/posts/ix8RhPjqKBu

http://www.tetraph.com/blog/sql-injection-vulnerability/cve-2015-2242-webshop-hun-v1-062s/

https://twitter.com/justqdjing/status/597681322568454145

http://covertredirect.com/daily/

http://securitypost.tumblr.com/post/118684080442/cve-2015-2242-webshop-hun-v1-062s-sql-injection

http://itsecurity.lofter.com/post/1cfbf9e7_6ebf54e

http://webtechhut.blogspot.com/2015/05/cve-2015-2242-webshop-hun-v1062s-sql.html

https://hackertopic.wordpress.com/2015/05/11/cve-2015-2242-webshop-hun-v1-062s-sql-injection-web-security-vulnerabilities/

http://blog.163.com/greensun_2006/blog/static/11122112201541145543836/

https://www.facebook.com/websecuritiesnews/posts/791040474349458

http://www.weibo.com/5099722551/ChlUA5smp?type=comment

6kbbs v8.0 SQL Injection Security Vulnerabilities

02 Thursday Apr 2015

Posted by BlackWhite in Computer Security, SQL Injection, Web Security

≈ 1 Comment

Tags

0-day, 0Day, application, attack, browser, coding, computer, cve, cyber-security, cybersecurity, database, exploit, hacker, information, internet, IT, php, scripting, security, technology, test, vulnerability, web, website, white-hat, whitehat

07_phone_security_g_w

 

6kbbs v8.0 SQL Injection Security Vulnerabilities

 

Exploit Title: 6kbbs Multiple SQL Injection Security Vulnerabilities

Vendor: 6kbbs

Product: 6kbbs

Vulnerable Versions: v7.1 v8.0

Tested Version: v7.1 v8.0

Advisory Publication: April 01, 2015

Latest Update: April 01, 2015

Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) [CWE-89]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

Writer and Reporter: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]

 

 

 

Suggestion Details:



(1) Vendor & Product Description:



Vendor:

6kbbs

 

Product & Vulnerable Versions:

6kbbs

v7.1

v8.0

 

Vendor URL & download:

6kbbs can be obtained from here,

http://www.6kbbs.com/download.html

http://www.bvbcode.com/code/93n8as2z-down

 

Product Introduction Overview:

“6kbbs V8.0 is a PHP + MySQL built using high-performance forum, has the code simple, easy to use, powerful, fast and so on. It is an excellent community forum program. The program is simple but not simple; fast, small; Interface generous and good scalability; functional and practical pursuing superior performance, good interface, the user’s preferred utility functions.”

“Interface: Using XHTML + CSS architecture, so that the structure of the page, easy to modify the interface; save the transmission of static page code, greatly reducing the amount of data transmitted over the network; improve the interface scalability, more in line with WEB standards, support Internet Explorer, FireFox, Opera and other mainstream browsers. The program: using ASP + ACCESS mature technology, the installation process is extremely simple, the operating environment is also very common.”

 

 

 

(2) Vulnerability Details:

6kbbs web application has a security bug problem. It can be exploited by SQL Injection attacks. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Several 6kbbs products 0-day vulnerabilities have been found by some other bug hunter researchers before. 6kbbs has patched some of them. Open Sourced Vulnerability Database (OSVDB) is an independent and open-sourced database. The goal of the project is to provide accurate, detailed, current, and unbiased technical information on security vulnerabilities. The project promotes greater, open collaboration between companies and individuals. It has published suggestions, advisories, solutions details related to 6kbbs vulnerabilities.

 

(2.1) The first code programming flaw occurs at “/ajaxmember.php?” page with “&userid” parameter.

(2.2) The second code programming flaw occurs at “/admin.php?” page with “&inc” parameter.

 

 

 

 

References:

http://www.tetraph.com/security/sql-injection-vulnerability/6kbbs-v8-0-sql-injection-security-vulnerabilities/

http://securityrelated.blogspot.com/2015/04/6kbbs-v80-sql-injection-security.html

http://www.inzeed.com/kaleidoscope/computer-web-security/6kbbs-v8-0-sql-injection-security-vulnerabilities/

http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/6kbbs-v8-0-sql-injection-security-vulnerabilities/

https://hackertopic.wordpress.com/2015/04/02/6kbbs-v8-0-sql-injection-security-vulnerabilities/

http://static-173-79-223-25.washdc.fios.verizon.net/?a=139222176300014&r=1&w=2

http://packetstormsecurity.com/files/authors/11270

http://www.osvdb.org/show/osvdb/117505

http://milw00rm.net/exploits/6367

CVE-2015-2066 – DLGuard SQL Injection Web Security Vulnerabilities

12 Thursday Mar 2015

Posted by BlackWhite in CVE, SQL Injection

≈ Leave a comment

Tags

0-day Exploit, Bug-Hunter, Computer Science, Computer Security, Crime-Defense, CVE-Publish, cyber-intelligence, cyber-security, Hack-Prevent, IEEE, Internet-Attack-Testing, IT-news, JingWang, math student, PHP-Code-Flaw, SQL Injection, Vulnerability Information, web-application-test, whitehat-technology

Web-Security-Choosing-The-Security

 

CVE-2015-2066 – DLGuard SQL Injection Web Security Vulnerabilities

Exploit Title: CVE-2015-2066 DLGuard /index.php c parameter SQL Injection Web Security Vulnerabilities

Product: DLGuard

Vendor: DLGuard

Vulnerable Versions: v4.5

Tested Version: v4.5

Advisory Publication: February 18, 2015

Latest Update: May 01, 2015

Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) [CWE-89]

CVE Reference: CVE-2015-2066

CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Writer and Reporter: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)





Caution Details:

(1) Vendor & Product Description:

Vendor:

DLGuard

Product & Version:

DLGuard

v4.5

Vendor URL & Download:

DLGuard can be downloaded from here,

http://www.dlguard.com/dlginfo/index.php

Product Introduction Overview:

“DLGuard is a powerful, yet easy to use script that you simply upload to your website and then rest assured that your internet business is not only safe, but also much easier to manage, automating the tasks you just don’t have the time for.”

“DLGuard supports the three types, or methods, of sale on the internet:

<1>Single item sales (including bonus products!)

<2>Multiple item sales

<3>Membership websites”

“DLGuard is fully integrated with: PayPal, ClickBank, 2Checkout, Authorize.Net, WorldPay, AlertPay, Ebay, PayDotCom, E-Gold, 1ShoppingCart, Click2Sell, Mal’s E-Commerce, LinkPoint, PagSeguro, CCBill, CommerseGate, DigiResults, FastSpring, JVZoo, MultiSafePay, Paypal Digital Goods, Plimus, RevenueWire/SafeCart, SWReg, WSO Pro, and even tracks your free product downloads. The DLGuard built-in Shopping Cart offers Paypal, Authorize.net, and 2Checkout payment options. The Membership areas allow Paypal, Clickbank, 2Checkout, and LinkPoint recurring billing as well as linking to any PayPal, ClickBank, 2Checkout, Authorize.Net, WorldPay, AlertPay, Ebay, PayDotCom, E-Gold, 1ShoppingCart, E-Bullion, LinkPoint, PagSeguro, CCBill, CommerseGate, DigiResults, FastSpring, JVZoo, MultiSafePay, Paypal Digital Goods, Plimus, RevenueWire/SafeCart, SWReg, WSO Pro single sale and free products so that people who buy your products can access your members area. DLGuard is the perfect solution to secure your single sale item, such as a niche marketing website, software sales, ebook sales, and more! DLGuard not only protects your download page, but it makes setting up new products, or making changes to existing products so much quicker and easier than before.”


(2) Vulnerability Details:

DLGuard web application has a computer security bug problem. It can be exploited by SQL Injection attacks. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Several similar products vulnerabilities have been found by some other bug hunter researchers before. DLguard has patched some of them. The MITRE Corporation is a not-for-profit company that operates multiple federally funded research and development centers (FFRDCs), which provide innovative, practical solutions for some of our nation’s most critical challenges in defense and intelligence, aviation, civil systems, homeland security, the judiciary, healthcare, and cybersecurity. It has phase, votes, comments and proposed details related to important vulnerabilities.

(2.1) The bug programming flaw vulnerability occurs at “&c” parameter in “index.php?” page.

 
 

References:

http://seclists.org/fulldisclosure/2015/Feb/69

https://www.mail-archive.com/fulldisclosure%40seclists.org/msg01703.html

https://progressive-comp.com/?a=139222176300014&r=1&w=1%E2%80%8B

http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1607

http://lists.openwall.net/full-disclosure/2015/02/18/6

http://marc.info/?a=139222176300014&r=1&w=4

http://www.tetraph.com/blog/sql-injection-vulnerability/cve-2015-2066-dlguard-sql-injection-web-security-vulnerabilities/

http://www.inzeed.com/kaleidoscope/sql-injection-vulnerability/cve-2015-2066-dlguard-sql-injection-web-security-vulnerabilities/

http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/sql-injection-vulnerability/cve-2015-2066-dlguard-sql-injection-web-security-vulnerabilities/

https://plus.google.com/u/0/107140622279666498863/posts/44pDNaZao8v

https://biyiniao.wordpress.com/2015/05/11/cve-2015-2066-dlguard-sql-injection-web-security-vulnerabilities/

http://shellmantis.tumblr.com/post/118658089031/inzeed-cve-2015-2066-dlguard-sql-injection#notes

http://xingzhehong.lofter.com/post/1cfd0db2_6ea8323

http://russiapost.blogspot.ru/2015/05/cve-2015-2066-dlguard-sql-injection-web.html

https://www.facebook.com/computersecurities/posts/375386899314769

http://blog.163.com/greensun_2006/blog/static/11122112201541193421290/

https://twitter.com/tetraphibious/status/597577800023838720

http://www.weibo.com/3973471553/Chj5OFIPk?from=page_1005053973471553_profile&wvr=6&mod=weibotime&type=comment#_rnd1431308778074

 

CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerabilities

12 Thursday Feb 2015

Posted by BlackWhite in CVE, SQL Injection, Web Security

≈ Leave a comment

Tags

0-day, application, browser, computer, database, exploit, hacker, information, IT, scripting, security, technology, vulnerability, web, whitehat

cyber-security-620x400
Exploit Title: Softbb.net SoftBB /redir_last_post_list.php post Parameter SQL Injection
Product: SoftBB (mods)
Vendor: Softbb.net
Vulnerable Versions: v0.1.3
Tested Version: v0.1.3
Advisory Publication: Jan 10, 2015
Latest Update: Jan 10, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) (CWE-89)
CVE Reference: CVE-2014-9560
CVSS Severity (version 2.0):
CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)
Impact Subscore: 6.4
Exploitability Subscore: 10.0
Credit: Wang Jing [Mathematics, Nanyang Technological University (NTU), Singapore]

http://securityrelated.blogspot.com/2015/02/cve-2014-9560-softbbnet-softbb-sql.html

Categories

  • 0-Day (1)
  • 0Day (33)
  • Bugtraq (1)
  • Computer Security (31)
  • Covert Redirect Attack (34)
  • CRLF (1)
  • CSRF (2)
  • CVE (28)
  • CXSecurity (1)
  • DOS Attack (1)
  • FPD (1)
  • HTML Injection (1)
  • Iframe Injection Attack (2)
  • Information Leakage Attack (6)
  • Open Redirect Attack (23)
  • OSVDB (1)
  • Phishing (4)
  • Privilege Escalation (3)
  • Spam (4)
  • SQL Injection (5)
  • Uncategorized (1)
  • Unvalidate Redirects and Forwards (1)
  • Weak Encryption (1)
  • Web Application (5)
  • Web Security (30)
  • website Test (30)
  • XFS Attack (1)
  • XSS Attack (43)

Archives

  • November 2015 (4)
  • September 2015 (2)
  • August 2015 (4)
  • July 2015 (1)
  • June 2015 (13)
  • May 2015 (6)
  • April 2015 (7)
  • March 2015 (4)
  • February 2015 (13)
  • January 2015 (4)
  • December 2014 (39)
  • November 2014 (3)
  • October 2014 (1)
  • September 2014 (4)
  • August 2014 (4)
  • July 2014 (5)
  • June 2014 (8)
  • May 2014 (9)
  • April 2014 (1)

Recent Posts

  • Daily mail Registration Page Unvalidated Redirects and Forwards Web Security Problem
  • Daily Mail Online Website XSS Cyber Security Zero-Day Vulnerability
  • Daily mail Registration Page Unvalidated Redirects and Forwards & XSS Web Security Problem
  • TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks
  • VuFind 1.0 Reflected XSS (Cross-site Scripting) Application 0-Day Web Security Bug

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.com

Create a free website or blog at WordPress.com.

Cancel
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy