1926 matches found
Google Chrome 3.0195.38 - Status Bar Obfuscation
Google Chrome 3.0195.38 Status Bar Obfuscation Author : 599eme Man. Contact : [email protected] Click 1? and the 2? look the Status bar for the 2? and you'll be redirect on Yahoo1? Open a new Window2? http://www.Google.com Look Here | V function OB document.write''; window.close;...
Opera 10.10 - Status Bar Obfuscation
Opera 10.10 Status Bar Obfuscation Author : 599eme Man. Contact : [email protected] Click on google look the Status bar and you'll be redirect on Yahoohttp://www.Google.com Look Here | V function OB document.write''; document.location='http://yahoo.com';...
Google Chrome 3.0195.38 Status Bar Obfuscation
Exploit for unknown platform in category dos / poc ============================================== Google Chrome 3.0195.38 Status Bar Obfuscation ============================================== Title: Google Chrome 3.0195.38 Status Bar Obfuscation EDB-ID: 10879 CVE-ID: OSVDB-ID: Author: 599eme Man...
Google Chrome 3.0195.38 Status Bar Obfuscation
No description provided by source. !-- Google Chrome 3.0195.38 Status Bar Obfuscation Author : 599eme Man Contact : [email protected] -- centerh1Google Chrome 3.0195.38 Status Bar Obfuscation/h1 br strongAuthor : 599eme Man.br Contact : [email protected]/strongbr br br br Click 1? and the 2? look the...
Security feature bypass
The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance Cisco ASA 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended access restrictions and access unauthorized web site...
Joomla 1.5.12 TinyBrowser File Upload Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Joomla 1.5.12...
WAP Push SI Impersonation
Security Advisory: Multiple Smartphones SMS Sender Obfuscation via WAP Push SI ------------------------------------------------------------------------------ Discovered by: Michael Mueller a.k.a. c0rnholio Contact: c0rnholio on domain netcologne.de Advisory Homepage:...
MMS Notification Obfuscation
Security Advisory: Multiple Smartphones MMS Notification Sender Obfuscation --------------------------------------------------------------------------- Discovered by: Michael Mueller a.k.a. c0rnholio Contact: c0rnholio on domain netcologne.de Advisory Homepage:...
IBM WebSphere Application Server 7.0 < Fix Pack 5
IBM WebSphere Application Server 7.0 before Fix Pack 5 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - Non-standard HTTP methods are allowed. PK73246 - If the admin console is directly accessed from HTTP, the console fails to redirect t...
Default credentials
The Web Services functionality in IBM WebSphere Application Server WAS 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5, in certain circumstances involving the ibm-webservicesclient-bind.xmi file and custom password encryption, uses weak password obfuscation, which allows local users to cause a denial ...
CVE-2009-2087
The Web Services functionality in IBM WebSphere Application Server WAS 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5, in certain circumstances involving the ibm-webservicesclient-bind.xmi file and custom password encryption, uses weak password obfuscation, which allows local users to cause a denial ...
CVE-2009-2087
The Web Services functionality in IBM WebSphere Application Server WAS 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5, in certain circumstances involving the ibm-webservicesclient-bind.xmi file and custom password encryption, uses weak password obfuscation, which allows local users to cause a denial ...
[CSS09-01] SlideShowPro Director File Disclosure Vulnerability
CSS09-01: SlideShowPro Director File Disclosure Vulnerability August 5, 2009 SUMMARY SlideShowPro Director is vulnerable to a file disclosure flaw because it fails to perform proper validation and handling of input parameters. Attackers can exploit this vulnerability to read arbitrary files from...
Sguil/PADS SQL Injection / Crash
Sguil/PADS SQL injection and server crash exploit by Ataraxia Benjamin Rose Public announcement made 7/15/09. Please visit http://allmybase.com/ my blog for more up-to-date information, and a quick patch. This exploit has the ability to render any Intrusion Detection System utilizing the sguil...
TekRADIUS Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nth Dimension Security Advisory NDSA20090412 Date: 12th April 2009 Author: Tim Brown URL: / Product: TekRADIUS 3.0 Vendor: Yasin KAPLAN Risk: Medium Summary This advisory comes in 3 related parts: 1 By default, TekRADIUS connects to SQL Server as the ...
Conficker worm continues to evolve, confound researchers
The Conficker worm has been wreaking havoc on the Internet for several months now, and despite the concerted efforts of dozens of security organizations around the world, it is showing no signs of fading. A new analysis of Conficker by SRI International shows that the worm’s authors have added...
Dogfood CRM 2.0.10 spell.php Command Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Firefox 3.0.5 Status Bar Obfuscation / Clickjacking
No description provided by source. Firefox 3.0.5 Status Bar Obfuscation / Clickjacking =========================================== html body div id="mydiv" onmouseover="document.location='http://www.milw0rm.com';" style="position:absolute;width:2px;height:2px;background:FFFFFF;border:0px"/div...
CVE-2009-0253
Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack...
Mozilla Firefox 3.0.5 - Status Bar Obfuscation Clickjacking
Mozilla Firefox 3.0.5 - Status Bar Obfuscation Clickjacking Firefox 3.0.5 Status Bar Obfuscation / Clickjacking =========================================== function updateboxevt mouseX=evt.pageX?evt.pageX:evt.clientX; mouseY=evt.pageY?evt.pageY:evt.clientY;...