Cross Site Scripting – Page 6

Fortnite Attack Allowed Taking Over Player Accounts

Posted on January 17, 2019 by Lucian Constantin

Security researchers have found several vulnerabilities in the online game Fortnite that could have allowed hackers to break into player accounts, access their personal information, buy in-game currency with the linked credit cards and record their co… Continue reading Fortnite Attack Allowed Taking Over Player Accounts→

5 Popular Web Hosting Services Found Vulnerable to Multiple Flaws

Posted on January 16, 2019 by Wang Wei

A security researcher has discovered multiple one-click client-side vulnerabilities in the some of the world’s most popular and widely-used web hosting companies that could have put millions of their customers as well as billions of their sites’ visito… Continue reading 5 Popular Web Hosting Services Found Vulnerable to Multiple Flaws→

Popular Web-Hosting Platform Bluehost Riddled with Flaws, Researcher Claims

Posted on January 14, 2019 by Tara Seals

He said that similar flaws were also found in the Dreamhost, HostGator, OVH and iPage web hosting platforms. Continue reading Popular Web-Hosting Platform Bluehost Riddled with Flaws, Researcher Claims→

SSD Advisory – SME Server Unauthenticated XSS To Privileged Remote Code Execution

Posted on January 7, 2019 by SSD / Ori Nimron

Vulnerabilities Summary The following advisory describes a vulnerability in SME Server 9.2, which lets an unauthenticated attackers perform XSS attack that leads to remote code execution as root. SME Server is a Linux distribution for small and medium … Continue reading SSD Advisory – SME Server Unauthenticated XSS To Privileged Remote Code Execution→

WordPress 5.0 Gets Security Patch a Week After Release

Posted on December 14, 2018 by Lucian Constantin

Only a week has passed since the release of WordPress 5.0—a new major version codenamed “Bebo”—and the WordPress team has already pushed out a security update for it. WordPress 5.0.1, released Dec. 13, fixes seven vulnerabilities, some of … Continue reading WordPress 5.0 Gets Security Patch a Week After Release→

WordPress 5.0 Patched to Fix Serious Bugs

Posted on December 14, 2018 by Tom Spring

One bug accidentally allowed Google to index user passwords. Continue reading WordPress 5.0 Patched to Fix Serious Bugs→

Update now! WordPress 5.0.1 release fixes seven flaws

Posted on December 14, 2018 by John E Dunn

Don’t delay, update your Wordpress website today. Continue reading Update now! WordPress 5.0.1 release fixes seven flaws→

phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!

Posted on December 11, 2018 by Mohit Kumar

Developers of phpMyAdmin, one of the most popular and widely used MySQL database management systems, today released an updated version 4.8.4 of its software to patch several important vulnerabilities that could eventually allow remote attackers to take… Continue reading phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!→

DJI Patches Forum Bug That Allowed Drone Account Takeovers

Posted on November 8, 2018 by Tom Spring

Bug opened door for malicious link attack, giving hacker access to stored DJI drone data of commercial and consumer customers. Continue reading DJI Patches Forum Bug That Allowed Drone Account Takeovers→

Magecart Injects Skimmer Code in Customer Rating Widget

Posted on October 11, 2018 by Lucian Constantin

The groups of attackers who specialize in injecting payment card skimmer code called Magecart into online shops managed to compromise a third-party customer rating plugin called Shopper Approved that’s used by thousands of websites. The compromi… Continue reading Magecart Injects Skimmer Code in Customer Rating Widget→