Showing posts with label Open Redirection. Show all posts

Wednesday, 24 August 2016

Hostgator Open Redirection And Reflected XSS Vulnerability





Hostgator was found vulnerable to Open Redirection & Reflected XSS.

Vulnerable URL - https://www.hostgator.in/login.php?action=successful_login&newurl=http://google.com

Vulnerable Parameter = newurl

Impact: Allows attackers to trick users into being redirected to another (attacker) domain, which can be used for phishing attacks, etc.
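A server-side check for a post-login redirect parameter such as `newurl`, added here as an example (it is not code from Hostgator or from the original post). The allowlist contents, the fallback path and the function name `safe_redirect_target` are assumptions.

```python
from urllib.parse import urlsplit

# Assumptions for this example: the only host a login may redirect to, and
# a fallback landing page. Neither value comes from the site's real code.
ALLOWED_HOSTS = frozenset({"www.hostgator.in"})
DEFAULT_TARGET = "/"


def safe_redirect_target(newurl, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_TARGET):
    """Return newurl if it stays on an allowed host, else the default path."""
    if not newurl or newurl != newurl.strip():
        return default
    # Browsers treat "\" like "/" and drop tabs/newlines inside URLs, so
    # reject backslashes and control characters before parsing.
    if "\\" in newurl or any(ord(c) < 0x20 or ord(c) == 0x7F for c in newurl):
        return default
    try:
        parts = urlsplit(newurl)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return default
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a single-slash absolute path,
        # which excludes scheme-relative forms such as "//host" and "///host".
        ok = newurl.startswith("/") and not newurl.startswith("//")
        return newurl if ok else default
    # Absolute URL: https only, no userinfo, default port, exact host match.
    if parts.scheme != "https" or parts.username is not None or parts.password is not None:
        return default
    if port not in (None, 443) or parts.hostname not in allowed_hosts:
        return default
    return newurl


if __name__ == "__main__":
    # Constructed sample values; the first is the newurl value from the report.
    for candidate in ("http://google.com", "//google.com", "/billing?x=1",
                      "https://www.hostgator.in@google.com/",
                      "https://www.hostgator.in/cpanel"):
        print(f"{candidate!r:45} -> {safe_redirect_target(candidate)!r}")
```

The login handler would redirect to the returned value rather than to the raw parameter, and the parameter would still need output encoding wherever it is reflected into HTML.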

Thursday, 10 September 2015

Web2py 2.9.11 Open Redirection Vulnerability, CVE-2015-6961


Web2py Open Redirection Vulnerability Technical Details & POC.

# Vulnerability Title : Web2py 2.9.11 Open Redirection Vulnerability
# Reported Date       : 27-Jan-2014
# Fixed Date          : 2-July-2015
# Author              : Narendra Bhati
# CVE ID              : CVE-2015-6961
# Additional Links –
* https://github.com/web2py/web2py/issues/731