|
The Web Hacking Incidents Database
Last update:17 February 2008
List of Incidents for a Year
Select Year: 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
List of incidents for the year 2001
6 incidents listed
Reported: 04 August 2005Occurred: 06 September 2001
Classifications:
- Attack Method: Credential/Session Prediction
- Outcome: Disclosure Only
References:
Reported: Occurred: 21 August 2001
Classifications:
- Attack Method: Cross Site Scripting (XSS)
Users who visited the Price Lotto site using Microsoft's IE (Internet Explorer) 4.x and 5.x, automatically downloaded malicious JavaScript that was programmed to alter the software configuration of their PCs.
References:
Reported: Occurred: 22 January 2001
Classifications:
- Attack Method: Predictable Resource Location
- Outcome: Disclosure Only
Sensitive files were left in a publicly accessible directory of a new web server install
References:
Reported: Occurred: 18 June 2001
Classifications:
- Attack Method: Credential/Session Prediction
- Outcome: Disclosure Only
View other orders by changing a sequential parameter number. Security was provided by client side JavaScript
References:
Reported: Occurred: 03 August 2001
Classifications:
- Attack Method: Cross Site Scripting (XSS)
- Outcome: Disclosure Only
Persistent XSS HTML Injection inside an HTML email message to hotmail
References:
Reported: Occurred: 05 November 2001
Classifications:
- Attack Method: Cross Site Scripting (XSS)
- Outcome: Disclosure Only
References:
This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
|
