|
Advisory:
|
pages.ebay.de – DOM based Cross-site Scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2013-011
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on pages.ebay.de
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
The website ‘pages.ebay.de’ is prone to a DOM based XSS vulnerability
Continue reading "SSCHADV2013-011 - pages.ebay.de - DOM based Cross-site Scripting vulnerability"
|
Advisory:
|
store.apple.com – DOM based Cross-site Scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2013-009
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on store.apple.com
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
The website ‘store.apple.com’ is prone to a DOM based XSS vulnerability
Continue reading "SSCHADV2013-009 - store.apple.com - DOM based Cross-site Scripting vulnerability"
|
Advisory:
|
Ligatus Advertising – DOM Based Cross-site Scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2013-007
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on a.ligatus.com
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
The ‘et’-Parameter in Ligatus Advertising is prone to a DOM Based XSS vulnerability.
Continue reading "SSCHADV2013-007 - Ligatus Advertising - DOM Based Cross-site Scripting vulnerability"
|
Advisory:
|
www.netcraft.com – Search Form Cross-site Scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2013-008
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on www.netcraft.com
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
The ‘q’-Parameter in the Search Form on www.netcraft.com is prone to a XSS vulnerability
Continue reading "SSCHADV2013-008 - www.netcraft.com - Search Form Cross-site Scripting vulnerability"
|
Advisory:
|
Omniture web analytics – Open Redirection vulnerability
|
|
Advisory ID:
|
SSCHADV2013-003
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on paypal.112.2o7.net
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
The ‘vmh’-Parameter in Omniture web analytics is prone to a Open Redirection vulnerability
Continue reading "SSCHADV2013-003 - Omniture web analytics - Open Redirection vulnerability"
|
Advisory:
|
WordPress Plugin ‘AJAX Comment Page 3.25’ Cross-site scripting vulnerability
|
|
Advisory ID:
|
SSCHADV2013-006
|
|
Author:
|
Stefan Schurtz
|
|
Affected Software:
|
Successfully tested on AJAX Comment Page 3.25
|
|
Vendor URL:
|
|
|
Vendor Status:
|
fixed
|
|
CVE-ID:
|
Requested
|
======================
Vulnerability Description
======================
The parameter ‘max’ of the WordPress plugin ‘AJAX Comment Page’ is prone to a XSS vulnerability
Continue reading "SSCHADV2013-006 - WordPress Plugin 'AJAX Comment Page 3.25' Cross-site scripting vulnerability"