Published Vulnerabilities

Fri 07 Aug

Ferrari.com Simulationcenter - Remote Code Execution | PHP CGI Argument Injection

Vulnerability-Lab researcher Kieran Claessens found a Remote Code Execution / PHP CGI Argument injection vulnerability in the official Ferrari Simulationcenter web application at http://simulationcenter.ferrari.com.

Fri 17 Jul

Apple App Store and iTunes Store - Filter Bypass & Persistent Invoice Web Vulnerability

Apple iTunes & AppStore - (Invoice) Persistent Input Validation & Mail Encoding Web Vulnerability

An application-side input validation web vulnerability has been discovered in the official Apple App Store and iTunes Store online-service web application. Vulnerability-Lab founder and researcher Benjamin Kunz-Mejri discovered a vulnerability that allows remote attackers to inject their own malicious script code into the application side of the vulnerable context function or service module. The vulnerability was reported to the Apple Security team on June 9, 2015, and they accepted it via mail response on June 29, 2015. Since then there has been only a brief conversation about the issue, and Apple has not fully replied to the status mails.
