CyberLink Power2Go Essential 9.0.1002.0 Overflow

!/usr/bin/perl Exploit Title: CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow Discovery date: 11-26-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software/Version: CyberLink Power2Go 9 Essential 9.0.1002.0 Vendor Site: http://www.cyberlink.com...

BarracudaDrive 6.7.2 Cross Site Scripting

Exploit Title : BarracudaDrive Content Management System Multiple XSS Vulnerabilities Author : Manish Kishan Tanwar Vendor : http://barracudadrive.com Software : BarracudaDrive 6.7.2 Date : 15/05/2014 Discovered At : IndiShell LAB indishell.in aka indian cyber army Love to : zero cool,Team...

Multiple Stored XSS in FOG Image deployment system - FD

Vulnerability title: Multiple Stored Cross-Site scripting CVE: CVE-2014-3111 Vendor: FOG Project Product: FOG Imaging system Affected version: 0.27 – 0.32latest Fixed version: N/A Reported by: Dolev Farhi ---------------------------- VULNERABILITY Details: ---------------------------- Latest and...

PayPal Filter Bypass

Document Title: =============== Paypal Inc Bug Bounty 109 MOS - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1050 PayPal Security UID: Pq115cey Release Date: ============= 2014-05-14 Vulnerability Laboratory ID VL-ID:...

GetSimple CMS 3.3.1 Cross Site Scripting

PoC for XSS bugs in the admin console of GetSimple CMS 3.3.1 CVE-2014-1603 by Pedro Ribeiro [email protected] from Agile Information Security Timeline: 04/11/2013 - Found bugs, produced proof of concept. 05/11/2013 - Communicated to the developer, which acknowledged receipt. 10/01/2014 - Politely...

Paypal BBP #109 MOS - Bypass & Persistent Vulnerability

Document Title: =============== Paypal BBP 109 MOS - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1050 PayPal Security UID: Pq115cey Video: http://www.vulnerability-lab.com/getcontent.php?id=1273 Video Demonstration:...

SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting

SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting Exploit Title: Multiple Stored XSS vulnerabilities in SpiceWorks Ticketing system Date: 12/05/2014 Exploit author: Dolev Farhi @f1nhack Vendor homepage: http://spiceworks.com Software Link: http://download.spiceworks.com/Spiceworks.exe Versio...

Paypal BBP #109 MOS - Bypass & Persistent Vulnerability

Document Title: =============== Paypal BBP 109 MOS - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1050 PayPal Security UID: Pq115cey Video: http://www.vulnerability-lab.com/getcontent.php?id=1273 Video Demonstration:...

Openfiler 2.99.1 Cross Site Scripting Vulnerability

Openfiler version 2.99.1 suffers from multiple persistent cross site scripting vulnerabilities. Exploit Title: Multiple persistent XSS in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5....

OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities

Exploit Title: Multiple persistent XSS in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5.14 Software Description ===================== Openfiler is a network storage operating system...

InvisionPower CMS Links To Titles 3.0 Cross Site Scripting

InvisionPower cms Links to Titles utility Presistent XSS =========================================== Author: UmPire Version: 3.0 Full details for version 3.1 patch is not mentioned. It's suspicious to affect all versions. Vendor URL: http://invisionpower.com Product URL:...

Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue

Document Title: =============== Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1256 Video: http://www.vulnerability-lab.com/getcontent.php?id=1257 Release Dat...

SEC Consult SA-20140430-0 :: SQL injection and persistent XSS in the Typo3 3rd party extension si_bibtex

SEC Consult Vulnerability Lab Security Advisory 20140430-0 ======================================================================= title: SQL injection and persistent XSS product: Typo3 3rd party extension sibibtex vulnerable version: sibibtex 0.2.3 fixed version: - impact: critical homepage:...

AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability

Document Title: =============== AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1252 Release Date: ============= 2014-04-08 Vulnerability Laboratory ID VL-ID:...

BVS Site 4.0.1 / 5.2.1 Cross Site Scripting

Persistent Cross Site Scripting on BVS Site + Date: 02/05/2014 + Risk: HIGH + Author: Felipe Andrian Peixoto + Vendor Homepage: http://trac.reddes.bvsalud.org/projects/bvs-site/wiki/Downloads + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File: index.php + Dork...

HP Laser Jet - JavaScript Persistent XSS via PJL Directory Traversal

Exploit for hardware platform in category web applications !/usr/bin/perl use strict; use warnings; use IO::Socket::INET; my $host = $ARGV0; Exploit Title: HP Laser Jet Persistent Javascript Cross Site Scripting via PJL Google Dork: n/a Date: 4/22/14 Exploit Author: @0x00string Vendor Homepage:...

Juniper Networks Junos OS J-Web Persistent Cross Site Scripting Vulnerability

Persistent XSS Vulnerability in J-Web SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if description...

NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting

NETGEAR DGN2200 1.0.0.291.7.29HotS - Persistent Cross-Site Scripting Exploit Title: Stored XSS Vulnerability in NETGEAR DGN2200 Web interface Date 30/04/2014 Exploit author: Dolev Farhi @f1nhack Vendor homepage: http://netgear.com Affected Firmware version: 1.0.0.291.7.29HotS Affected Hardware:...

BarracudaDrive 6.7.1 Cross Site Scripting Vulnerability

BarracudaDrive version 6.7.1 suffers from multiple persistent and reflective cross site scripting vulnerabilities Title : BarracudaDrive Multiple XSS Vulnerabilities Author : Shakeel Bhat SecPod Technologies Pvt. Ltd. http://www.secpod.com Vendor : http://barracudadrive.com Advisory :...

BarracudaDrive 6.7.1 Cross Site Scripting

Title : BarracudaDrive Multiple XSS Vulnerabilities Author : Shakeel Bhat SecPod Technologies Pvt. Ltd. http://www.secpod.com Vendor : http://barracudadrive.com Advisory : http://secpod.org/blog/?p=2309 http://secpod.org/advisories/SecPodAdvistoryBarracudaDrive6.7.1MultXSSVuln.txt Software :...