Syhunt: Google V8 - Server-Side JS Injection in vulnerable web apps

2012-02-27 Thread Felipe M. Aragon
Google V8 Server-Side JavaScript Injection joins the set of web application security vulnerabilities. TIME-BASED PHP V8JS INJECTION & NOSQL/SSJS INJECTION: Detecting server-side JavaScript (SSJS) injection vulnerabilities using time-based techniques. Article by Felipe Aragon - February 25, 2012

Syhunt: Time-Based Blind NoSQL Injection

2011-12-19 Thread Felipe M. Aragon
Time-Based Blind NoSQL Injection - Detecting server-side JavaScript injection vulnerabilities. In July 2011, Bryan Sullivan, a senior security researcher at Adobe Systems, demonstrated server-side JavaScript injection vulnerabilities in web applications using MongoDB and other NoSQL database en

Syhunt Advisory: Visual Synapse HTTP Server Directory Traversal Vulnerability

2010-10-07 Thread Felipe M. Aragon
Syhunt Advisory: Visual Synapse HTTP Server Directory Traversal Vulnerability Advisory-ID: 201010071 Discovery Date: 09.07.2010 Release Date: 10.07.2010 Affected Applications: Visual Synapse HTTP Server 1.0 RC3, 1.0 RC2, 1.0 RC1, 0.60 and previous releases; And any applications using the Visual

Syhunt: A-A-S (Application Access Server) Multiple Security Vulnerabilities

2009-05-12 Thread Felipe M. Aragon
Syhunt: A-A-S (Application Access Server) Multiple Security Vulnerabilities Advisory-ID: 200905111 Discovery Date: 3.23.2009 Release Date: 5.11.2009 Affected Applications: A-A-S 2.0.48 and possibly older versions Class: XSRF (Cross Site Request Forgery) Arbitrary Command Execution, Undocumented

Syhunt: HFS (HTTP File Server) Template Cross-Site Scripting and Information Disclosure Vulnerabilities

2008-01-23 Thread Felipe M. Aragon
Syhunt: HFS (HTTP File Server) Template Cross-Site Scripting and Information Disclosure Vulnerabilities Advisory-ID: 200801161 Discovery Date: 1.16.2008 Release Date: 1.23.2008 Affected Applications: HFS 2.0 to and including 2.3(Beta Build #174) Non-Affected Applications: HFS 1.6a and earlier ver

Syhunt: HFS (HTTP File Server) Log Arbitrary File/Directory Manipulation and Denial-of-Service Vulnerabilities

2008-01-23 Thread Felipe M. Aragon
Syhunt: HFS (HTTP File Server) Log Arbitrary File/Directory Manipulation and Denial-of-Service Vulnerabilities Advisory-ID: 200801162 Discovery Date: 1.16.2008 Release Date: 1.23.2008 Affected Applications: HFS 2.2 to and including 2.3(Beta Build #174) Non-Affected Applications: HFS 2.1d and earl

Syhunt: HFS (HTTP File Server) Username Spoofing and Log Forging/Injection Vulnerability

2008-01-23 Thread Felipe M. Aragon
Syhunt: HFS (HTTP File Server) Username Spoofing and Log Forging/Injection Vulnerability Advisory-ID: 200801163 Discovery Date: 1.16.2008 Release Date: 1.23.2008 Affected Applications: HFS 1.5g to and including 2.3(Beta Build #174); and possibly HFS version 1.5f Non-Affected Applications: HFS 1.5