7738 matches found
FineArtPost SQL Injection / XSS
AntiSecuritydotOrg Title : FineArtPost SQL Injection & XSS Vulnerability Software : FineArtPost Vendor : http://www.fineartpost.com Author : OoNBoy Blog : http://oon.blogspot.com Web : http://oonboy.info...
Invisible Browsing 5.0.52 (.ibkey) Local Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl print qq Iranian Pentesters Home Www.Pentesters.Ir PLATEN - H.jafari - Invisible Browsing 5.0.52 .ibkey Local BoF Exploit bug found & exploited by: PLATEN E-mail && blog: hjafari.blogspot.com platen.secureatgmaildotcom Greetings: Cru3l.b0y, b3hz4d...
Bo-Blog 2.1.1 Command Execution
Securitylab.ir Application Info: Name: bo-blog Version: 2.1.1 Download: http://www.bo-blog.com/download/release/Bo-blogV2.1.1.tar.gz Discovered By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Remote Command Executi...
Nullam Blog Multiple Remote Vulnerabilities
Salvatore "drosophila" Fresta + Application: Nullam Blog + Version: 0.1.2 + Website: http://nullam.net/ + Bugs: A Local File Inclusion B File Disclosure C Multiple Blind SQL Injection D SQL Injection E Reflected XSS + Exploitation: Remote + Date: 10 Sep 2009 + Discovered by: Salvatore Fresta aka...
Nullam Blog 0.1.2 LFI / XSS / SQL Injection
-- Salvatore Fresta aka drosophila CWNP444351 Salvatore "drosophila" Fresta + Application: Nullam Blog + Version: 0.1.2 + Website: http://nullam.net/ + Bugs: A Local File Inclusion B File Disclosure C Multiple Blind SQL Injection D SQL Injection E Reflected XSS + Exploitation: Remote + Date: 10 S...
Nullam Blog 0.1.2 (LFI/FD/SQL/XSS) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications. Nullam Blog 0.1.2 LFI/FD/SQL/XSS Multiple Remote Vulnerabilities -- Salvatore Fresta aka drosophila...
nullam blog 0.1.2 - Local File Inclusion File Disclosure SQL Injection Cross-Site Scripting
nullam blog 0.1.2 - Local File Inclusion File Disclosure SQL Injection Cross-Site Scripting -- Salvatore Fresta aka drosophila CWNP444351 Salvatore "drosophila" Fresta + Application: Nullam Blog + Version: 0.1.2 + Website: http://nullam.net/ + Bugs: A Local File Inclusion B File Disclosure C...
nullam blog 0.1.2 - Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting
-- Salvatore Fresta aka drosophila CWNP444351 Salvatore "drosophila" Fresta + Application: Nullam Blog + Version: 0.1.2 + Website: http://nullam.net/ + Bugs: A Local File Inclusion B File Disclosure C Multiple Blind SQL Injection D SQL Injection E Reflected XSS + Exploitation: Remote + Date: 10 S...
Nullam Blog 0.1.2 (LFI/FD/SQL/XSS) Multiple Remote Vulnerabilities
No description provided by source. -- Salvatore Fresta aka drosophila CWNP444351 Salvatore "drosophila" Fresta + Application: Nullam Blog + Version: 0.1.2 + Website: http://nullam.net/ + Bugs: A Local File Inclusion B File Disclosure C Multiple Blind SQL Injection D SQL Injection E Reflected XSS ...
Microsoft to Ship Mandatory Live Messenger Security Patch
Microsoft plans to force a mandatory Windows Live Messenger upgrade later this month to fix a security vulnerability that could lead to remote code execution attacks. The vulnerability, caused by an extra character in the Microsoft Active Template Library (ATL), affects users of Windows Live...
Discuz! Plugin JiangHu 1.1 - 'id' SQL Injection
Discuz! Plugin JiangHu = 1.1 Sql injection Vulnerability. Author + Founded : ZhaoHuAn + Contact : ZhengXingatshandagamesdotcom + Blog...
Linux sock_sendpage() Local Root Exploit
Linux sock_sendpage() NULL pointer dereference Copyright 2009 Ramon de Carvalho Valle This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your...
CVE-2008-7098
Multiple cross-site scripting (XSS) vulnerabilities in Qsoft K-Rate Premium allow remote attackers to inject arbitrary web script or HTML via the blog, possibly the (1) Title and (2) Text fields; (3) the gallery, possibly the Description field in Your Pictures; (4) the forum, possibly the Your Message fiel...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Qsoft K-Rate Premium allow remote attackers to inject arbitrary web script or HTML via the blog, possibly the (1) Title and (2) Text fields; (3) the gallery, possibly the Description field in Your Pictures; (4) the forum, possibly the Your Message fiel...
Sql injection
Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow remote attackers to execute arbitrary SQL commands via (1) the $id variable in admin/includes/delecpac.php, (2) $ordorderid variable in payments/paymentreceived.php, (3) $id variable in includes/functions.php, and (4) unspecified...
Smart Magician Blog 1.0 - Multiple SQL Injections
Smart Magician Blog 1.0 - Multiple SQL Injections source: https://www.securityfocus.com/bid/43376/info Smart Magician Blog is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...
Ninja Blog 4.8 Cross Site Scripting
Ninja Blog 4.8 Remote XSS URI Vulnerabilities Discovered By : Moudi Contact : Download : http://ninjadesigns.co.uk/ Greetings : Mizoz, Zuka,...
InTerra Blog Machine 1.70 Shell
InTerra Blog Machine + Discovered By : Inj3ct0r + Site : Inj3ct0r.com + support e-mail :...
Facebook Attack: Personal Info Theft via CSRF
This video is a demonstration of an attack exploiting a vulnerability in Facebook. It is a companion video to this blog post (quaji.com) that describes and discusses the hack. In a nutshell, a Facebook user’s personal information is stolen. The only thing he does is view a regular, legitimate forum site...