Written on : 2015/11/03 Author: John JEAN / @johnjean on twitter) Affected application: Amazon API Evaluated Risk : Medium Solution Status : A patch has been released which fixes these vulnerabilities References : https://johnjean.io/2015/11/03/amazons-api-cryptographic-verification-badly-implemented/ References : https://github.com/PrestaShop/amzpayments/issues/13 CVE: NALeave a Comment
Written on : 2013/05/02 Released on : 2013/05/13 Author: John JEAN / @johnjean on twitter) Affected application: Invision Power Board <= 3.4.4 Type of vulnerability: Logical Vulnerability / Bad Sanitization Required informations : Administrator's email Evaluated Risk : Critical Solution Status : A patch has been released which fixes these vulnerabilities References : https://johnjean.io/2013/05/13/ipb-invision-power-board-all-versions-1-x-2-x-3-x-admin-account-takeover-leading-to-code-execution/ CVE: CVE-2013-37256 Comments
Written on : 2010/10/03 Released on : 2010/10/05 Author: John JEAN / @johnjean on twitter) Affected application: Facebook Type of vulnerability: Logical Vulnerability / XSS / CSRF Required informations : Nothing Evaluated Risk : Critical Solution Status : Facebook patched this issue References : https://johnjean.io/2010/10/05/facebook-vulnerabilites-csrf-et-xss-ver-destructeurs-sur-un-reseau-social/7 Comments
Written on : 2010/10/03 Released on : 2010/10/05 Author: John JEAN / @johnjean on twitter) Affected application: Facebook Type of vulnerability: Logical Vulnerability / XSS / CSRF Required informations : Nothing Evaluated Risk : Critical Solution Status : Facebook patched this issue References : https://johnjean.io/2010/10/05/facebook-csrf-and-xss-vulnerabilities-destructive-worms-on-a-social-network/Leave a Comment
36. C’est le nombre de lignes de PHP contenues dans l’exploit que je viens de tester avec intérêt.
4. C’est le nombre de serveurs contenus dans un cluster de test au boulot et qui viennent tous de cesser de répondre pendant que je testais cet exploit. Démentiel. 01h25, c’est l’heure à laquelle j’écris ce billet: vous m’excuserez donc pour les fautes d’orthographes du billet cet article c’est un peu une « Breaking News ».
Written on : 2006/10/10 Released on : 2006/10/29 Author: John JEAN / @johnjean on twitter) Affected application: PunBB <= 1.2.13 Multiple Vulnerabilities Evaluated Risk : Critical Solution Status : A patch has been released which fixes these vulnerabilities References : https://johnjean.io/2006/10/29/punbb-multiple-vulnerabilities/ CVE: CVE-2006-5735 / CVE-2006-5736 / CVE-2006-5737Leave a Comment