Search for: cve

CVE-2017-14620, Stored DOM XSS, SmarterStats V11.3.6347

CVE-2017-14620 SmarterStats V11.3.6347 Renders the Referer Version Identification TL;DR SmarterStats Version 11.3.6347, and possibly prior versions, will Render the Referer Field of HTTP Logfiles in URL /Data/Reports/ReferringURLsWithQueries Reporter David Hoyt | XSS.Cx Commentary This Vulnerability was identified back in 2010 when I Reported other Stored XSS Bugs to SmarterTools. Stored XSS is a powerful exploit […]

CVE-2017-5638, Vulnerability Reporter Notebook

TL;DR Manage Balance Sheet Risk with ISO 29147. InfoSec Industry is Broken. Vulnerability Reporters Notebook In the News is the Equifax Breach. Personally Identifying Information (PII) is a Public Interest Story when all Consumers are impacted. This commentary is based on my own Research which is Public Domain for annualcreditreport.com and experian.in. CVE-2017-5638 Discussion & […]

CVE-2016-10097, XXE, SSO, Open AM 10.1.0, XML Injection, SAML Request Parameter

CVE-2016-10097 – See Also Indicators of Compromise DORK: “Copyright © 2010 ForgeRock AS, Philip Pedersens vei 1, 1366 Lysaker, Norway” XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM – Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter. XXE Proof of Concept (PoC) Code for Exploit against Open AM 10.1.0 […]

CVE-2016-10097, Open AM 10.1.0, XML Injection, XXE, External Entity Resolution, SSO Data Exfiltration, PoC

TL;DR – Open AM 10.1 exploitable via XXE at /SSOPOST/metaAlias/%realm%/idpv2 XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM – Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter. XXE is a means to an RCE Endpoint. XXE provides visibility into the Target System. You may find old JBOSS, PHP, Tomcat, Apache or […]

CVE-2014-4406, APPLE-SA-2014-09-17-5 OS X Server 3.2.1, DOM XSS, window.location.hash

CVE-2014-4406, APPLE-SA-2014-09-17-5 OS X Server 3.2.1, DOM XSS, window.location.hash Keywords Cross-Site Scripting (XSS), Document Object Model (DOM), window.location.hash, User Agent Exploitation, Proof of Concept (PoC), CVE-2014-4406, APPLE-SA-2014-09-17-5 OS X Server 3.2.1, XCode Server, CVE-2013-1034, SVG, toString, innerHTML CVE-2014-4406 Summary Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 […]

CVE-2014-2546, CVE-2014-2547, CVE-2014-2548, Parallels Panel for Windows Version 11.5.30

CVE Assignments for Parallels Panel for Windows Version 11.5.30 Parallels Panel for Windows Version 11.5.30 contains multiple Vulnerabilities which may lead to SQL Injection and Priv Escalation. Author: Hoyt LLCDate: August 12, 2014Subject: CVE Assignments for Parallels Panel for Windows Version 11.5.30 CVE-2014-2546 Multiple Unspecified Parameterized XSS Vulnerabilities (CWE-79) requiring Authentication CVE-2014-2547 Multiple Unspecified Parameterized […]

CVE-2013-6853: Stored XSS in Y! Toolbar DOM for FireFox on MAC V3.1 + Windows V2.5 Resolved

CVE-2013-6853: Stored XSS via Code Injection in Y! Toolbar DOM for FireFox on MAC Version 3.1.0.20130813024103 and Windows Version 2.5.9.2013418100420. Resolved Published January 14, 2014 on XSS.Cx by Hoyt LLC Date: November 11, 2013                                                Author: Hoyt LLC http://xss.cx/ A local Stored XSS via Code Injection in Y! Toolbar DOM for FireFox on MAC Version 3.1.0.20130813024103 and […]

CVE-2013-1034, Stored XSS, XXE, OS X Server v2.2.1, APPLE-SA-2013-09-17-1, HTML Injection, JSON XSS, Stored DOM XSS, SQL Injection

CVE-2013-1034 Summary Last Updated 18/9/2013 @ 1800 GMTAPPLE-SA-2013-09-17-1 was released on September 17, 2013 to address multiple Bugs in OS X Server 2.2.1(163), collabd, reported to Apple Product Security on April 17, 2013. KeywordsCVE-2013-1034, Cross-Site Scripting, Apple, APPLE-SA-2013-09-17-1, CWE-79, CAPEC-86, CWE-611, OS X Version 2.2.1, DoS, Crash, CAPEC-66, Colladb, Ruby on Rails, PostgreSQLImpactCVSS Severity (version 2.0):CVSS v2 Base Score:4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N)Impact Subscore: 2.9Exploitability Subscore: 8.6CVSS […]

CVE-2013-0438, Oracle Java JRE 7u5 SOP Bypass for ZIP-Based Filetypes, XSS, Cross Site Scripting

Oracle Java JRE 7u5 SOP Bypass for ZIP-Based Filetypes CVE-2013-0438, Oracle Document XSS.CX Allowance: $4,000 (Four Thousand US Dollars) KeywordsSecurity, Web, Cross-Site Scripting, Private Bug Report, Oracle, Java, JRE, Same-Origin Policy SummaryA bug in the Oracle Java  JRE 7u5 browser plugin allows cross-domain theft of any information encapsulated in a JAR or ZIP file. With […]

CVE-2012-1903, Stored XSS, Javascript Injection, Telligent Community 5.6.583.20496

Telligent Community 5.6.583.20496 (Build: 5.6.583.20496)CVE-2012-1903Persistent Flash XSS Keywords: Security, Web, Cross-Site Scripting, Private Bug Report, Dell, Community, Adobe Flash, Telligent, EoL, No Fix The affected platform is based on the third-party community software Telligent Community 5.6.583.20496 (Build: 5.6.583.20496). The current release is Community 7.x and was not tested, Version 5 is EoL. IntroductionTelligent Community is […]