Saturday, 30 May 2009

*UPDATED 03/06/2009* - A fresh batch of critical cross-site scripting and open redirect vulnerabilities was added today to the archive.

Tuesday, 12 May 2009

Hundreds of thousand websites host vulnerable Flash files which can be used by malicious people to conduct convincing phishing and XSS attacks. In most cases cookie hijacking is possible. Unsuspecting users can be redirected to malware content sites from trustworthy sites using SSL.

Tuesday, 12 May 2009

Hexspirit has reported another critical XSS vulnerability on easypay.gr, owned by Pireaus Bank / Winbank.

Sunday, 10 May 2009

Security researcher "Hexspirit" has discovered multiple XSS and open redirect vulnerabilities affecting all major Greek bank websites.

Wednesday, 6 May 2009

A security researcher who goes by the nickname "Black-Hacker", has submitted to the archive a critical XSS vulnerability affecting a Google SSL page.

Monday, 4 May 2009

Roi Saltzman, a Security Researcher at IBM Rational Application Security Research Group, has been credited with the discovery  of this vulnerability - now fixed on Version 1.0.154.59 - which allows universal cross-site scripting (UXSS) without user interaction under certain conditions.  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18