eM Client e-mail client 5.0.18025.0 - Persistent Cross-Site Scripting

!/usr/bin/python ''' Author: loneferret of Offensive Security Date: 22-08-2013 Product: eM Client for Windows Version: 5.0.18025.0 previous versions and other platforms may be vulnerable Vendor Site: http://www.emclient.com/ Software Download: http://www.emclient.com/download Tested on: Windows X...

Microsoft SharePoint 2013 - Persistent Web Vulnerability

Document Title: =============== Microsoft SharePoint 2013 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067 Microsoft Security...

Microsoft SharePoint 2013 - Persistent Web Vulnerability

Document Title: =============== Microsoft SharePoint 2013 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067 Microsoft Security...

John CMS 5.1 Cross Site Scripting

Exploit Title : JohnCMS 5.1 Persistent XSS Vulnerability Author : DevilScreaM Date : 08/09/2013 Category : Web Applications Vendor : http://johncms.com/ Product Link : http://johncms.com/download/?cat=481 Version : 1.0 - 5.1 Dork intext:Powered by JohnCMS Vulnerability : Persistent XSS...

eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability

Document Title: =============== eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1064 Release Date: ============= 2013-08-30 Vulnerability Laboratory ID VL-ID: ===================================...

eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability

Document Title: =============== eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1064 Release Date: ============= 2013-08-30 Vulnerability Laboratory ID VL-ID: ===================================...

dreamMail e-mail client 4.6.9.2 - Persistent Cross-Site Scripting

dreamMail e-mail client 4.6.9.2 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: loneferret of Offensive Security Product: dreamMail e-mail client Version: 4.6.9.2 Vendor Site: http://www.dreammail.eu Software Download: http://www.dreammail.eu/intl/en/download.html Tested on: Window...

dreamMail e-mail client 4.6.9.2 - Persistent Cross-Site Scripting

!/usr/bin/python ''' Author: loneferret of Offensive Security Product: dreamMail e-mail client Version: 4.6.9.2 Vendor Site: http://www.dreammail.eu Software Download: http://www.dreammail.eu/intl/en/download.html Tested on: Windows XP SP3 Eng. Tested on: Windows 7 Pro SP1 Eng. dreamMail: Using...

Bitbot C2 Panel Cross Site Scripting / SQL Injection

Exploit Title: Bitbot C2 Panel gate2.php SQLi + XSS Date: 08/19/2013 Exploit Author: Brian Wallace bwall aka @botnethunter Software Link: https://sourceforge.net/p/flippingbitbot/wiki/Home/ Vulnerable Virtual Machine including Bitbot Tested on: Debian/Ubuntu from StringIO import StringIO import...

Persistent XSS in Username field

The XSS vulnerability is only present in some parts of the UI where the username is incorrectly marked as "safe" for HTML output. Known vulnerability points: When viewing a user's activity stream on their profile page When viewing the site-wide activity stream in the Administrative UI This...

WordPress Usernoise Plugin 3.7.8 - Persistent XSS

Usernoise plugin is prone to a persistent XSS vulnerability, because the user input is not being properly handled when a feedback is submitted. The affected area is the Wordpress admin dashboard. The vulnerability accepts arbitrary codes, including JavaScript. And all JavaScript code is executed...

WordPress Plugin Usernoise 3.7.8 - Persistent Cross-Site Scripting

Details ============================= Application: Usernoise http://usernoise.karevn.com/ Version: 3.7.8 probably earlier versions as well Type: Wordpress plugin Developer: Nikolay Karev http://karevn.com/ - http://profiles.wordpress.org/karevn/ Vulnerability: Unauthorized persistent cross-site...

Wordpress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability

Exploit for php platform in category web applications Details ============================= Application: Usernoise http://usernoise.karevn.com/ Version: 3.7.8 probably earlier versions as well Type: Wordpress plugin Developer: Nikolay Karev http://karevn.com/ - http://profiles.wordpress.org/karev...

WordPress Usernoise 3.7.8 Cross Site Scripting

Details ============================= Application: Usernoise http://usernoise.karevn.com/ Version: 3.7.8 probably earlier versions as well Type: Wordpress plugin Developer: Nikolay Karev http://karevn.com/ - http://profiles.wordpress.org/karevn/ Vulnerability: Unauthorized persistent cross-site...

WordPress Plugin Better WP Security 3.4.8/3.4.9/3.4.10/3.5.2/3.5.3 - Persistent Cross-Site Scripting

======= Summary ======= Name: Bit51 Better WP Security Plugin - Unauthenticated Stored XSS to RCE Release Date: 30 July 2013 Reference: NGS00500 Discoverer: Richard Warren Vendor: Bit51 Vendor Reference: Systems Affected: Bit51 Better WP Security Plugin Version 3.4.8/3.4.9/3.4.10/3.5.2/3.5.3 Risk...

Private Photos v1.0 iOS - Persistent Path Web Vulnerability

Title: ====== Private Photos v1.0 iOS - Persistent Path Web Vulnerability Date: ===== 2013-07-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1034 VL-ID: ===== 1034 Common Vulnerability Scoring System: ==================================== 3.5 Introduction:...

Private Photos 1.0 iOS - Persistent Cross-Site Scripting

Private Photos 1.0 iOS - Persistent Cross-Site Scripting Title: ====== Private Photos v1.0 iOS - Persistent Path Web Vulnerability Date: ===== 2013-07-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1034 VL-ID: ===== 1034 Common Vulnerability Scoring System:...

OpenEMM-2013 8.10.380.hf13.0.066 - SOAP SQL Injection Persistent Cross-Site Scripting

OpenEMM-2013 8.10.380.hf13.0.066 - SOAP SQL Injection Persistent Cross-Site Scripting...

Download Lite v4.3 iOS - Persistent File Web Vulnerability

Title: ====== Download Lite v4.3 iOS - Persistent File Web Vulnerability Date: ===== 2013-07-19 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1023 VL-ID: ===== 1023 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...

Private Photos 1.0 Script Insertion

Title: ====== Private Photos v1.0 iOS - Persistent Path Web Vulnerability Date: ===== 2013-07-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1034 VL-ID: ===== 1034 Common Vulnerability Scoring System: ==================================== 3.5 Introduction:...