Tag Archives: XSS

XSS ChEF -Chrome Extension Exploitation Framework

XSS ChEF – is a Chrome Extension Exploitation Framework that you can use during penetration testing to execute scripts in particular vulnerable website with cross site scripting (XSS), take screenshots of the tabs to track browsing history and cookies or

OWASP published 2013 Top 10 Vulnerabilities

The Open Web Application Security Project (OWASP) have published the top 10 most dangerous vulnerabilities in web-applications for 2013. This release comes to raise awareness about application security by identifying some of the most critical risks facing organizations. The OWASP

Multiple Vulnerabilities on CBS Website

CBS (cbs.com) is a popular media website that has been found open to about 17 Blind SQL Injection, this is beside several XSS cross site scripting vulnerabilities that risk website users. D35m0nd142 posted on pastbin his finding with images to

Honeywell WebSite Open to XSS and More

xss

Shadab Siddiqui a security researcher have just revealed several critical vulnerability at honeywell.com , redhat.com, pinterest.com, alshaya.com websites, cross site scripting vulnerability allows attacker to inject an iframe in the website to run a malicious script on visitors computers.  Also

Kaspersky Site Vulnerable to Cross-site Scripting Assaults

Kaspersky Lab site is now open to XSS (cross-site scripting) attacks together with Iframe injections. This is not good for any company, especially for a company dealing with security. An XSS attack launches when a web program collects vicious data

Cross Site Scripting Vulnerabilities in Elgg <= 1.7.9

New vulnerability has been discovered in Elgg an open-source application that helps to create social networking engine, delivering the building blocks that enable businesses, schools, universities and associations to create their own fully-featured social networks and applications. Well-known Organizations with

Beware of A New XSS on Facebook

New Cross-site scripting vulnerability has been detected on Facebook and widely exploited in the mobile API version, this vulnerability allows a malicious user to include JavaScript content into a website and redirect victim’s browser to the prepared URL. I have