36 matches found
Tor: De-anonymization by visiting specially crafted bookmark.
There is a way to import logs in 'about:memory' from local disk, however, tested on windows you can pass a network url that may point to attack controlled server which logs IP's. This connection is done by windows presumably and so doesn't hide real IP of Tor user. 1. Have victim drag and drop an...
CVE-2014-3406
Race condition in the IP logging feature in Cisco Intrusion Prevention System IPS Software 7.17E4 and earlier allows remote attackers to cause a denial of service device reload via crafted IP traffic that matches a problematic rule, aka Bug ID CSCud82085...
FBI sponsored Ragebooter DDoS attack service
A website that can be described as "DDoS for hire" is perfectly legitimate, according to the owner. Malicious sites that offer attack services are not strangers on the Internet, but web sites sponsored by law enforcement is another story altogether. Ragebooter, is one of many sites that accepts...
MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities
MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / alert2;' / input...
MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities
MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / alert2;' / input type="hidden" na...
MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities
Summary More than poll is a polling system with a powerful administration tool. It features: multiple pools, templates, unlimited options, IP Logging, cookie support, and more. Description MTP Poll script suffers from multiple stored cross-site scripting vulnerabilities. The issues are triggered...
HBA Crew (german carder forum) get hacked !
Now it's official: HBA-crew v2, was hacked! Ip 'were logged, Database is public! An official statement is as early as the first April before. But was it so funny but not that it was serious: Hi, Now we can not hide it anymore. geloaded Since yesterday evening by a leak in the server the entire...
Advanced Poll Script SQL Injection / Cross Site Scripting
Exploit Title: XSS and Authentication bypass in Advanced Poll Script Date: 26-apr-2010 Author: Sid3^effects Software Link: N/a CVE : Code : XSS and Authentication bypass in Advanced Poll Script Vendor:http://www.2daybiz.com/ Author:Sid3^effects Description : Advanced Poll is a polling system with...
2daybiz Advanced Poll Script XSS and Authentication Bypass
Exploit for php platform in category web applications ========================================================== 2daybiz Advanced Poll Script XSS and Authentication Bypass ========================================================== Description : Advanced Poll is a polling system with powerful...
2DayBiz Advanced Poll Script - Cross-Site Scripting Authentication Bypass
2DayBiz Advanced Poll Script - Cross-Site Scripting Authentication Bypass XSS and Authentication bypass in Advanced Poll Script Vendor:http://www.2daybiz.com/ Author:Sid3^effects Description : Advanced Poll is a polling system with powerful administration tool supports both text file and MySQL...
2DayBiz Advanced Poll Script - Cross-Site Scripting / Authentication Bypass
XSS and Authentication bypass in Advanced Poll Script Vendor:http://www.2daybiz.com/ Author:Sid3^effects Description : Advanced Poll is a polling system with powerful administration tool supports both text file and MySQL database. Its features include multiple polls, unlimited options, IP-Logging...
flat256enENa2.txt
Flatnuke 2.5.6 enENa2 possibly prior versions user IP address / information disclosure software: site: http://flatnuke.sourceforge.net/flatnuke/ download link: http://itk.hopto.org:666/work/index.php?mod=Download&dlfile=FlatNukeEn/FlatNukeEn2.5.6a2.zip&mode=go same vuln of simple machine forum,...
Problem With IP Logging In Invision Power Board?
IPB like many other forum systems logs visitors IP's However I have noticed in the past that people who are surfing through some proxies have their internal private IP logged instead of their "real" IP Address. Here are a few screenshots I took of my LAN IP being logged instead of my internet IP...
Invision Power Board (IP.Board) 1.3.1 - Design Error
Invision Power Board IP.Board 1.3.1 - Design Error IP.Board Design Error Vendor: Invision Power Services Product: IP.Board Version: = 1.3.1 Website: http://www.invisionpower.com/ BID: 10559 Description: Invision Power Board IPB is a professional forum system that has been built from the ground up...
Sun Solaris SSH Daemon fails to properly log client IP addresses
Overview The Sun Solaris Secure Shell Daemon sshd may incorrectly log client IP addresses. Description SSH is a program used to provide secure connection and communications between client and servers. Upon connecting to the service, the client's IP address is logged. There is a vulnerability in t...
SshdJJF.txt
J.J.F. / Hackers Team - Security Advisory =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Fecha: 09/05/1999 Publicado: 14/05/1999 Autor: Zhodiac URL: http://www.jjf.org Aplicacion: sshd2 up to 2.0.11 Sistema Operativo: Unix Peligrosidad: Medio, a largo plazo posible acceso remoto al sistema...