PR09-15: XSS injection vulnerability within HP System Management Homepage (Insight Manager)

PR09-15: XSS injection vulnerability within HP System Management Homepage Insight Manager Vulnerability found: 11th October 2009 Severity: Medium Description: A XSS vulnerability has been found within HP System Management; Arising from insufficient input filtering. By using a specially-crafted...

Al3jeb Remote Change Password

Exploit Title :al3jeb script Remote Change Password Exploit Author: alnjm33 Software Link: http://www.traidnt.net/vb/attachment.php?attachmentid=354606&d=1237376300 Version: 1.3 Tested on:1.3 MY home : Sec-war.com :::::::::::::::exploit::::::::::::::::::::: al3jeb script Remote Change Password...

Link Up Gold - Cross-Site Request Forgery (Add Admin)

/\ == \ /\ \ /\ \ \ \ input type="hidden" name="...

Phishing Tool

Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...

Phishing Tool

Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...

Phishing Tool

Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...

FormMail 1.92 Multiple Remote Vulnerabilities

No description provided by source. FormMail 1.92 Multiple Vulnerabilities Name Multiple Vulnerabilities in FormMail Systems Affected FormMail 1.92 and possibly earlier versions Severity Medium Impact CVSSv2 Medium 4.3/10, vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Vendor...

FormMail 1.92 XSS / HTTP Response Splitting

FormMail 1.92 Multiple Vulnerabilities Name Multiple Vulnerabilities in FormMail Systems Affected FormMail 1.92 and possibly earlier versions Severity Medium Impact CVSSv2 Medium 4.3/10, vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Vendor http://www.scriptarchive.com/formmail.html Advisory...

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...

RoomPHPlanning <= 1.6 (userform.php) Create Admin User Exploit

No description provided by source. !/usr/bin/perl -w use LWP::UserAgent; use HTML::Form; print "\n"; print "+=RoomPHPlanning\n"; print "+=v1.x\n"; print "+=Vul: Remote Create user with all permissions admin\n"; print "+=Author: Jonathan Salwan \n"; print "+=Web: http://www.shell-storm.org\n"; pri...

RoomPHPlanning 1.6 - userform.php Create Admin User

RoomPHPlanning 1.6 - userform.php Create Admin User !/usr/bin/perl -w use LWP::UserAgent; use HTML::Form; print "\n"; print "+=RoomPHPlanning\n"; print "+=v1.x\n"; print "+=Vul: Remote Create user with all permissions admin\n"; print "+=Author: Jonathan Salwan \n"; print "+=Web:...

Microsoft Internet Explorer HTML Form Value DoS Vulnerability

This host is installed Internet Explorer and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodmsiehtmlformdosvuln.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer HTML Form Value DoS Vulnerability Authors: Sharath S Copyright c 2009 SecPod,...

Chipmunk Blog (Auth Bypass) Add Admin Exploit

No description provided by source. 0x01 Informations: Script : Chipmunk Blog Download : http://www.chipmunk-scripts.com/blog/blog.zip Vulnerability : Add Admin Exploit\Auth Bypass Author : x0r Contact : [email protected] \ [email protected] Website : NULL 0x02 Bug: \admin\reguser.php...

TWiki 4.x - 'URLPARAM' Cross-Site Scripting

source: https://www.securityfocus.com/bid/32669/info TWiki is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

Mozilla Firefox Input Box Type Property Dangling Pointer Vulnerability

This vulnerability allows attackers to potentially execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when a DOM method on a specific HTML form...

Turuncu Galeri[galeri_edit.asp]Permission Bypass Vulnerability

Title:Turuncu Galerigaleriedit.aspPermission Bypass Vulnerability Discovered by : AleminKrali Dork :resimdetay.asp?id= Html Form form action="http://www.SITE.COM/PATH/yonet/galeriedit.asp" method="post" input type="hidden" name="update" value="1" input type="hidden" name="id" value="EDIT TO IMAGE...

linksys54g-bypass.txt

| l/ l j| \ / \ | \l j| \ | T l j| \ | | / \ | ' / | T | YY Y| o | T | Yl/ | | T | Y| jY Y | \ | | | | || Q || / | | | | || j | | | | || l | O | | Y | | | | || || | | | | | || / | | | | | || | | | . | j l | | |l || | j l | | || || T j l | | || T l ! lj\j|jljj ,jlj |jljjljlj|jljjlj / Hacking the...

1Book Guestbook Script Code Execution Vulnerability

No description provided by source. ========================================================= =============== JIKI TEAM Maroc And YameN =============== ========================================================= Author : jiko email : [email protected] Home : www.no-back.org & no-exploit.com Script ...