by Julien Ahrens | Sunday, September 30, 2012 | Advisory
Hamburg.de – The website of the most beautiful city in Germany, which is famous for its big port and its amazing atmosphere. Some days ago I found a Non-Persistent Cross-Site Scripting vulnerability on this website and informed the team of Hamburg.de about...
by Julien Ahrens | Friday, August 24, 2012 | Advisory
About a small, but nice CMS! Update immediately to v0.4 RC3 which fixes critical SQL-Injection vulnerabilities! References: http://security.inshell.net/advisory/23 http://seclists.org/fulldisclosure/2012/Aug/304 1. ADVISORY INFORMATION...
by Julien Ahrens | Wednesday, June 27, 2012 | Advisory
Have you read one of my last articles regarding webmasters? The university of Salzburg didn’t or at least didn’t want to. In April I tried to contact the internal university IT staff about a possible Cross-Site Scripting security flaw on their main...
by Julien Ahrens | Sunday, June 10, 2012 | Advisory, CVE
Hello readers. This time I’ve found a quite interesting vulnerability in the widely spread firewall appliance “Astaro Security Gateway” (ASG) which is now maintained by Sophos. Although it only has got an assigned CVSSv2 Score of 3,5...
by Julien Ahrens | Friday, June 8, 2012 | Advisory
www.kiel.de – the website of the state capital of “Schleswig-Holstein” in northern Germany which is very famous for the “Kieler Woche”. Some weeks ago I stumbled over a critical SQL-Injection vulnerability on their website and...
by Julien Ahrens | Friday, May 18, 2012 | Advisory
In April, I stumbled over a Cross-Site Scripting vulnerability on the Mozilla Developer Network! Due to improper input validation mechanisms an attacker could temporarily inject their own code into user browser sessions with required user interaction using manipulated URLs:...