Lucene search

7736 matches found

CVE
added 2013/03/27 9:00 p.m. | 45 views

CVE-2013-1782

Vulnerability overview: CVE-2013-1782 affects the Responsive Blog Theme for Drupal 7.x-1.x, prior to 7.x-1.6. The issue is an XSS vulnerability where user-entered content in the social icons is not properly sanitized, allowing remote authenticated users with the administer themes permission to in...

CVSS 2.1 | AI score 5.3 | EPSS 0.01064
Exploits 0 | References 7 | Affected Software 1

The Hacker News
added 2013/03/27 1:36 a.m. | 31 views

Java enabled browsers are highly vulnerable

Oracle has released emergency patches for Java multiple times in recent months, for one set of vulnerabilities after another. About 100 million computers are reported to be vulnerable to unauthorized access via different flaws in the Java software. The Department of Homeland Security's US-CERT has already warne...

AI score 6.9
Exploits 0

0day.today
added 2013/03/23 12:00 a.m. | 38 views

Mutiny Remote Command Execution Vulnerability

This Metasploit module exploits an authenticated command injection vulnerability in the Mutiny appliance. Versions prior to 4.5-1.12 are vulnerable. In order to exploit the vulnerability the mutiny user must have access to the admin interface. The injected commands are executed with root...

CVSS 8.5 | AI score 7.1 | EPSS 0.2731
Exploits 4

exploitpack
added 2013/03/22 12:00 a.m. | 16 views

WordPress Plugin IndiaNIC FAQs Manager 1.0 - Blind SQL Injection

Exploit Title: WordPress IndiaNIC FAQ 1.0 Plugin Blind SQL Injection
Google Dork: inurl:wp-content/plugins/faqs-manager
Date: 21.03.2013
Exploit Author: m3tamantra http://m3tamantra.wordpress.com/blog
Vendor Homepage:...

AI score 0.7
Exploits 0

CISA
added 2013/03/19 12:00 a.m. | 12 views

Google Releases Google Chrome 25.0.1364.173

Google has released Google Chrome 25.0.1364.173 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to cause a denial-of-service condition or execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update ...

AI score 7.5
Exploits 0 | References 1

Packet Storm
added 2013/03/12 12:00 a.m. | 25 views

Web Cookbook SQL Injection

Exploit Title: Web Cookbook Multiple SQL Injection
Date: 2013/3/12
Exploit Author: Saadat Ullah , [email protected]
Software Link: http://sourceforge.net/projects/webcookbook/
Author HomePage: http://security-geeks.blogspot.com/
Tested on: Server: Apache/2.2.15 Centos PHP/5.3.3 SQL...

Exploits 0

The Hacker News
added 2013/03/08 9:14 a.m. | 12 views

Phishers hijacking Facebook Pages using apps

Another phishing campaign has recently come into action, targeting Facebook accounts and company pages with millions of followers. Phishers continue to devise new fake apps for the purpose of harvesting confidential information. Not a new method, but a very creative phishing example in Facebook hacking...

AI score 6.6
Exploits 0

CISA
added 2013/03/05 12:00 a.m. | 16 views

Google Releases Google Chrome 25.0.1364.152

Google has released Google Chrome 25.0.1364.152 for Windows, Linux, and Mac to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, bypass security features, or cause a denial-of-service condition. US-CERT encourages users and administrators to...

AI score 7.6
Exploits 0 | References 1

exploitpack
added 2013/03/01 12:00 a.m. | 9 views

WordPress Plugin Uploader - blog Cross-Site Scripting

Source: https://www.securityfocus.com/bid/58285/info
The Uploader Plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

AI score 6.7
Exploits 0

0day.today
added 2013/02/27 12:00 a.m. | 18 views

Blog System 2.0 XSS/SQL Injection Vulnerability

Exploit for PHP platform in category web applications ...

AI score 7.1
Exploits 0

Drupal
added 2013/02/27 12:00 a.m. | 20 views

SA-CONTRIB-2013-028 - Responsive Blog Theme - Cross Site Scripting (XSS)

Responsive Blog Theme is a lightweight Drupal 7 theme with a modern look and feel. The theme doesn't properly sanitize user-entered content in the social icons, leading to a Cross Site Scripting (XSS) vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...

CVSS 2.1 | AI score 5.7 | EPSS 0.01064
Exploits 0 | References 10
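
The following stand-alone PHP script is an added example, not code from the Responsive Blog theme, Drupal core or the advisory; it models the bug described in this entry and in the CVE-2013-1782 entry above (the same issue): a social-icon link entered through the theme settings form is printed into the page template without escaping, shown beside a hardened version. The stored value, the function names and the "Facebook" label are constructed for illustration; the escaping uses plain PHP calls, and Drupal 7's core check_url() and check_plain() perform the same two steps inside the theme layer.

```php
<?php
// Added example: stand-alone PHP, not code from the Responsive Blog theme or
// Drupal core. Models the advisory's bug: a social-icon link entered through
// the theme settings form is printed into the page template as-is.

// Constructed attacker input, as a user holding "administer themes" could save it:
// closes the href attribute and adds an event handler (hypothetical value).
$stored_setting = '" onmouseover="alert(document.domain)';

// VULNERABLE: the stored value is concatenated straight into an HTML attribute.
function social_icon_raw(string $label, string $url): string
{
    return '<a class="social-icon" href="' . $url . '">' . $label . '</a>';
}

// HARDENED: allow only http(s) links, then encode for the attribute context.
// Two separate steps, because HTML-encoding alone still lets javascript: through.
// Drupal 7's check_url() does the same: drupal_strip_dangerous_protocols() + check_plain().
function social_icon_safe(string $label, string $url): string
{
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        $url = '';   // fail closed: drop the link rather than emit an unexpected scheme
    }
    $href = htmlspecialchars($url, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $text = htmlspecialchars($label, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<a class="social-icon" href="' . $href . '">' . $text . '</a>';
}

// Constructed test values: the attribute-breaking payload, a javascript: URL
// that survives pure HTML-encoding, and a legitimate link with a query string.
$cases = [
    $stored_setting,
    'javascript:alert(1)',
    'https://www.facebook.com/example?ref=site&x=1',
];

foreach ($cases as $value) {
    echo "raw : ", social_icon_raw('Facebook', $value), PHP_EOL;
    echo "safe: ", social_icon_safe('Facebook', $value), PHP_EOL;
}
```

Run it with the php CLI and compare the two lines per case: the raw variant reproduces the stored payload inside the tag, so the quote it contains terminates the href attribute and the event handler becomes part of the element; the hardened variant first empties any value whose scheme is not http or https and then encodes quotes and ampersands, so the same payload is emitted as inert text. The advisory's caveat matters for triage: the value can only be set by a user who already holds "administer themes", so the bug turns site-administrator access into script execution in every visitor's browser rather than giving an anonymous attacker a foothold, which is consistent with the low CVSS score shown.
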

seebug.org
added 2013/02/16 12:00 a.m. | 53 views

Reflected XSS vulnerability in Z-blog, affecting version 1.8

Brief description: I seem to have heard from a friend that 剑心 and 蝈蝈 won't pass review on XSS in small vendors' products, so this is awkward for me. While looking into blog software today I happened to find a small XSS in Z-blog, in the trackback URL (引用地址) field; I tried it and it works! Detailed description: I tried it on the official site and it pops an alert: http://download.rainbowsoft.org/cmd.asp?act=gettburl&id=104%22%3E%3Cimg%20src=1%20onerror=alert1;%3E Then Google for inurl:cmd.asp?act=gettburl&id= and try a couple of them first...

AI score 7.1
Exploits 0

The Hacker News
added 2013/02/11 7:37 a.m. | 13 views

First week at MEGA Bounty Program, paid out thousands of dollars for seven Bugs

One week after launching its bug bounty program, Kim Dotcom's new file-storage and sharing service MEGA claims to have fixed seven vulnerabilities. MEGA hasn't shared how much money it paid out in the first week, or to whom, but as promised it is clear that MEGA paid out thousands o...

AI score 6.8
Exploits 0

Packet Storm
added 2013/02/11 12:00 a.m. | 23 views

IRIS Citations Management Tool Command Execution

A vulnerability exists in IRIS citations management tool which allows a low privileged attacker to execute arbitrary commands. Details can be found on my blog: https://infosecabsurdity.wordpress.com/2013/02/09/iris-citations-management-tool-post-auth-remote-command-execution/ PoC:...

AI score 0.3
Exploits 0

Cvelist
added 2013/01/31 2:00 a.m. | 25 views

CVE-2012-6523

Multiple cross-site scripting (XSS) vulnerabilities in w-CMS 2.01 allow remote attackers to inject arbitrary web script or HTML via (1) the p parameter in the getMenus function in codes/wcms.php; or the COMMENT parameter in (2) blog.php, (3) guestbook.php, or (4) forum.php in codes/. NOTE: some of these...

AI score 5.8 | EPSS 0.01879
Exploits 1 | References 7

Metasploit
added 2013/01/30 4:22 p.m. | 51 views

Multiple DVR Manufacturers Configuration Disclosure

This module takes advantage of an authentication bypass vulnerability in the web interface of DVR systems from multiple manufacturers, which allows the device configuration to be retrieved. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS 7.5 | EPSS 0.76109
Exploits 4

OSV
added 2013/01/27 10:55 p.m. | 1 view

UBUNTU-CVE-2012-6105

blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 continues to provide a blog RSS feed after blogging is disabled, which allows remote attackers to obtain sensitive information by reading this feed...

CVSS 5 | AI score 5.8 | EPSS 0.014
Exploits 0 | References 4

Prion
added 2013/01/27 10:55 p.m. | 18 views

Information disclosure

blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 continues to provide a blog RSS feed after blogging is disabled, which allows remote attackers to obtain sensitive information by reading this feed...

CVSS 5 | AI score 6.5 | EPSS 0.014
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2013/01/27 10:00 p.m. | 34 views

CVE-2012-6105

blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 continues to provide a blog RSS feed after blogging is disabled, which allows remote attackers to obtain sensitive information by reading this feed...

AI score 6 | EPSS 0.014
Exploits 0 | References 3

exploitpack
added 2013/01/10 12:00 a.m. | 41 views

Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP Bypass) (MS12-037)

Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP Bypass) (MS12-037). function strtoint(str) { return str.charCodeAt(1)*0x10000 + str.charCodeAt(0); } var free = "EEEE"; while (free.length < 500) free +=...

CVSS 9.3 | AI score 6.3 | EPSS 0.64962
Exploits 27