HNS MAIN FEED
Sunday, 22:12 EDT
- Scammers using IM to deliver "IQ Test" spam
- Automated vs. manual security
- Facebook boosts security by adding remote logout feature
- Trojan attacks remain widespread
- Spammers attack Apple's Ping social network
- Labor Day phishing warning
- User's opinions on malware infections revealed
- Google Code hosting malware-spreading project
- Fake browser warnings lure victims to rogue AV solution
- Rescue of Chilean miners used as lure by banker Trojan
- Phishing campaign targets McDonald's fans
- Cyber crooks steal nearly $1 million from University of Virginia
Pivot Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
23 June 2009
Pivot is a web-based application implemented in PHP. The application is exposed to multiple input validation issues. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user. Pivot versions 1.40.4 and 1.40.7 are affected.
Ref: http://forum.intern0t.net/intern0t-advisories/1119-intern0t-pivot-1-40-4-7-multiple-vulnerabilities.html
09.25.107 - CVE: Not Available
Platform: Web Application
Ref: http://forum.intern0t.net/intern0t-advisories/1119-intern0t-pivot-1-40-4-7-multiple-vulnerabilities.html
09.25.107 - CVE: Not Available
Platform: Web Application