djeaux :: FasterSlasher demo

FasterSlasher RSS Newsfeed Display Script

FasterSlasher is a Perl script that displays a list of articles or headlines taken from a remote RSS or RDF file. Basically, you feed FasterSlasher the URL of an RSS file on the web & it will fetch the file, interpret the XML coding & display a nicely formatted list.

Output can be formatted for full-page display or SSI use. Other controls include the number of headlines/articles shown & whether descriptions are displayed in addition to titles.

XML parsing is handled by the Perl module XML::RSSLite. This is not a "standard" Perl module & your ISP may not support it. But it's easy to install locally in your own cgi-bin. (Details included in the download file.)

Example A: Headline listing embedded in this page using SSI. Display of item descriptions is enabled. The number of titles is set to allow this site's RSS list to "max out"...
Bugtraq
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

Vulnerabilities in CMS WebManager-Pro
Posted by MustLive on Sep 02Hello Bugtraq! I want to warn you about SQL Injection and Redirector (URL Redirector Abuse) vulnerabilities in CMS WebManager-Pro (SecurityVulns ID:11108). It's Ukrainian commercial CMS. SQL Injection: <a rel="nofollow" href="http://site/c.php?id=1%20and%20version">http://site/c.php?id=1%20and%20version</a>()=5 Redirector: <a rel="nofollow" href="http://site/c.php?id=1&url=http://websecurity.com.ua">http://site/c.php?id=1&url=http://websecurity.com.ua</a> Affected products: both systems CMS WebManager-Pro from two developers. Vulnerable are versions CMS WebManager-Pro up to 8.1... 
PRL Novell Netware OpenSSH Remote Stack Overflow
Posted by Francis Provencher on Sep 02##################################################################################### Application: Novell Netware OpenSSH Remote Stack Overflow Platforms: Netware 6.5 Exploitation: Remote code execution CVE Number: Novell TID: 7006756 ZeroDayInitiative: ZDI-10-169 Author: Francis Provencher (Protek Research Lab's) Blog: <a rel="nofollow" href="http://www.protekresearchlab.com/">http://www.protekresearchlab.com/</a>... 
Moovida Media Player version 2.0.0.15 Insecure DLL Hijacking Vulnerability (libc.dll,quserex.dll)
Posted by YGN Ethical Hacker Group on Sep 021. OVERVIEW The Moovida Media Player application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, Unsafe Library Loading, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT DESCRIPTION Moovida Media Player is a free and open source media center that allows you to enjoy all of your music, video and pictures in an awsome... 
[ MDVSA-2010:168 ] openssl
Posted by security on Sep 02 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:168 <a rel="nofollow" href="http://www.mandriva.com/security/">http://www.mandriva.com/security/</a> _______________________________________________________________________ Package : openssl Date : September 1, 2010 Affected: 2010.1 _______________________________________________________________________ Problem Description: A vulnerability has been found... 
[ MDVSA-2010:169 ] mozilla-thunderbird
Posted by security on Sep 02 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:169 <a rel="nofollow" href="http://www.mandriva.com/security/">http://www.mandriva.com/security/</a> _______________________________________________________________________ Package : mozilla-thunderbird Date : September 2, 2010 Affected: 2008.0, 2009.0, 2010.0, 2010.1 _______________________________________________________________________ Problem... 
[USN-982-1] Wget vulnerability
Posted by Marc Deslauriers on Sep 02=========================================================== Ubuntu Security Notice USN-982-1 September 02, 2010 wget vulnerability CVE-2010-2252 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem... 
XSS vulnerability in ArtGK CMS
Posted by advisory on Sep 01Vulnerability ID: HTB22588 Reference: <a rel="nofollow" href="http://www.htbridge.ch/advisory/xss_vulnerability_in_artgk_cms_1.html">http://www.htbridge.ch/advisory/xss_vulnerability_in_artgk_cms_1.html</a> Product: ArtGK CMS Vendor: ArtGK ( <a rel="nofollow" href="http://artgk-cms.ru/">http://artgk-cms.ru/</a> ) Vulnerable Version: 2009-08-28 16:00:00 and Probably Prior Versions Vendor Notification: 18 August 2010 Vulnerability Type: XSS (Cross Site Scripting) Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: Medium Credit: High-Tech Bridge SA - Ethical Hacking &... 
Online Binary Planting Exposure Test
Posted by ACROS Lists on Sep 01ACROS Security has made the Online Binary Planting Exposure Test publicly accessible for the benefit of all Windows users. This test should make it easy for users and administrators to assess their exposure to binary planting attacks originating from the Internet. URL: <a rel="nofollow" href="http://www.binaryplanting.com/test.htm">http://www.binaryplanting.com/test.htm</a> Note that this test is NOT meant to answer whether you're vulnerable (at this point where so many binary planting vulnerabilities exist out... 
XSS vulnerability in Rumba CMS tags
Posted by advisory on Sep 01Vulnerability ID: HTB22591 Reference: <a rel="nofollow" href="http://www.htbridge.ch/advisory/xss_vulnerability_in_rumba_cms.html">http://www.htbridge.ch/advisory/xss_vulnerability_in_rumba_cms.html</a> Product: Rumba CMS Vendor: Rumba Netware Ltd. ( <a rel="nofollow" href="http://rumbacms.com">http://rumbacms.com</a> ) Vulnerable Version: 2.4 and Probably Prior Versions Vendor Notification: 18 August 2010 Vulnerability Type: Stored XSS (Cross Site Scripting) Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: Medium Credit: High-Tech Bridge SA - Ethical Hacking... 
XSS vulnerability in ArtGK CMS forum
Posted by advisory on Sep 01Vulnerability ID: HTB22587 Reference: <a rel="nofollow" href="http://www.htbridge.ch/advisory/xss_vulnerability_in_artgk_cms.html">http://www.htbridge.ch/advisory/xss_vulnerability_in_artgk_cms.html</a> Product: ArtGK CMS Vendor: ArtGK ( <a rel="nofollow" href="http://artgk-cms.ru/">http://artgk-cms.ru/</a> ) Vulnerable Version: 2009-08-28 16:00:00 and Probably Prior Versions Vendor Notification: 18 August 2010 Vulnerability Type: XSS (Cross Site Scripting) Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: Medium Credit: High-Tech Bridge SA - Ethical Hacking &... 
XSS vulnerability in Rumba CMS
Posted by advisory on Sep 01Vulnerability ID: HTB22592 Reference: <a rel="nofollow" href="http://www.htbridge.ch/advisory/xss_vulnerability_in_rumba_cms_1.html">http://www.htbridge.ch/advisory/xss_vulnerability_in_rumba_cms_1.html</a> Product: Rumba CMS Vendor: Rumba Netware Ltd. ( <a rel="nofollow" href="http://rumbacms.com">http://rumbacms.com</a> ) Vulnerable Version: 2.4 and Probably Prior Versions Vendor Notification: 18 August 2010 Vulnerability Type: Stored XSS (Cross Site Scripting) Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: Low Credit: High-Tech Bridge SA - Ethical Hacking &... 
Tortoise SVN DLL Hijacking Vulnerability
Posted by nikhil_uitrgpv on Sep 01The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2010-3199 to this issue. This is a candidate for inclusion in the CVE list (<a rel="nofollow" href="http://cve.mitre.org">http://cve.mitre.org</a>), which standardizes names for security problems. 
XSS vulnerability in Amiro.CMS FAQ
Posted by advisory on Sep 01Vulnerability ID: HTB22590 Reference: <a rel="nofollow" href="http://www.htbridge.ch/advisory/xss_vulnerability_in_amiro_cms_1.html">http://www.htbridge.ch/advisory/xss_vulnerability_in_amiro_cms_1.html</a> Product: Amiro.CMS Vendor: Amiro ( <a rel="nofollow" href="http://www.amiro.ru/">http://www.amiro.ru/</a> ) Vulnerable Version: 5.8.4.0 and Probably Prior Versions Vendor Notification: 18 August 2010 Vulnerability Type: Stored XSS (Cross Site Scripting) Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: Medium Credit: High-Tech Bridge SA - Ethical Hacking &... 
VMSA-2010-0013 VMware ESX third party updates for Service Console
Posted by VMware Security Team on Sep 01------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2010-0013 Synopsis: VMware ESX third party updates for Service Console Issue date: 2010-08-31 Updated on: 2010-08-31 (initial release of advisory) CVE numbers: CVE-2005-4268 CVE-2010-0624 CVE-2010-2063 CVE-2010-1321 CVE-2010-1168 CVE-2010-1447... 
VMSA-2010-0013
Posted by VMware Security Team on Sep 01------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2010-0013 Synopsis: VMware ESX third party updates for Service Console Issue date: 2010-08-31 Updated on: 2010-08-31 (initial release of advisory) CVE numbers: CVE-2005-4268 CVE-2010-0624 CVE-2010-2063 CVE-2010-1321 CVE-2010-1168 CVE-2010-1447... 

View the last 25 posts.
Example B: The link below will open a full-page display for kuro5hin.org & descriptions are provided in addition to titles...
Open a full page listing with descriptions (kuro5hin.org uses verbose descriptions!).
Example C: The same headlines but without the descriptions & constrained to 8 headlines.
Open a full page listing without descriptions

In general, the SSI method is easier for most folks to use, since style sheets & other markups can be set conventionally. The full-page method requires some editing of the Perl source in order to incorporate style sheets or fancy formatting.

DOWNLOAD

back to djeaux home page