7642 matches found
TinyWebGallery: XSS + Directory Traversal
Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview, dir, item. Examples:...
TinyWebGallery v 1.8.3 - Multiple Vulnerabilities
Exploit for php platform in category web applications Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview,...
TinyWebGallery 1.8.3 Cross Site Scripting / Directory Traversal
Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview, dir, item. Examples:...
CMS WebManager-Pro 7.4.3 Code Execution / Cross Site Request Forgery
Hello list! I want to warn you about Remote Code Execution and Cross-Site Request Forgery vulnerabilities in CMS WebManager-Pro. This CMS is widely using at different web sites, including security and government sites. ------------------------- Affected products: -------------------------...
TinyWebGallery 1.8.3 - Multiple Vulnerabilities
Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview, dir, item. Examples:...
RCE и CSRF уязвимости в CMS WebManager-Pro
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Remote Code Execution и Cross-Site Request Forgery уязвимостях в CMS WebManager-Pro это украинская коммерческая CMS. RCE Remote PHP Code Execution WASC-31: В системе возможно включение php тэгов непосредственно в поля для текста контента. Таким...
vBSEO 3.5.2 & 3.2.2 - Persistent XSS via LinkBacks
Exploit for php platform in category web applications Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully supported solution. A full package of SEO enhancement...
vBSEO 3.2.23.5.2 - Persistent Cross-Site Scripting via LinkBacks
vBSEO 3.2.23.5.2 - Persistent Cross-Site Scripting via LinkBacks vBSEO - Persistent XSS via LinkBacks http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/ Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on t...
vBSEO 3.2.2/3.5.2 - Persistent Cross-Site Scripting via LinkBacks
vBSEO - Persistent XSS via LinkBacks http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/ Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully support...
vBSEO Sitemap 2.5/3.0 - Multiple Vulnerabilities
vBSEO Sitemap - Multiple Vulnerabilities Versions Affected: 2.5 and 3.0 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully supported solution. A full package of SEO enhancements, one install,...
Sophisticated Attackers Now Using Social Net For Command and Control
Spammers aren’t the only ones who have figured out that social networks like Twitter and Facebook are good for business. Sophisticated hackers conducting targeted attacks are also using the networks as a tool to manage malware installations on victims’ networks, according to a new report from...
Smart core system multi-program through persistent XSS and fixes-vulnerability warning-the black bar safety net
Author: B0mbErM@n Program: Version: security2.5.0the governmentv2. 8. 0school2.5.0business3.7.2 and previous versions Environment: XP&IE6&Firefox/3.6.13 Vulnerability discovery:2010-01-15 Notification-vendor:2010-01-16 Lasting - XSS,background browsing of the triggerXSSstatement XSS E-mail:"XSS F...
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability (CVE-2010-4331)
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user...
AneCMS 1.3 Cross Site Scripting
Exploit Title: AneCMS 1.3 Persistant XSS Date: 17.1.2011 Author: Penguin Visit: www.null-sector.info Software Link: http://anecms.com/anecms.zip Version: 1.3 Tested on: Linux I Vulnerability ---------------------- You can add blogpost comments that does not get filtered for HTML-Code. Simply add ...
Seo Panel 2.2.0 Cookie-Rendered Persistent XSS Vulnerability
Exploit for php platform in category web applications 'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - email protected I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered,...
AneCMS 1.3 - Persistent Cross-Site Scripting
AneCMS 1.3 - Persistent Cross-Site Scripting Exploit Title: AneCMS 1.3 Persistant XSS Date: 17.1.2011 Author: Penguin Visit: www.null-sector.info Software Link: http://anecms.com/anecms.zip Version: 1.3 Tested on: Linux I Vulnerability ---------------------- You can add blogpost comments that doe...
AneCMS 1.3 - Persistent Cross-Site Scripting
Exploit Title: AneCMS 1.3 Persistant XSS Date: 17.1.2011 Author: Penguin Visit: www.null-sector.info Software Link: http://anecms.com/anecms.zip Version: 1.3 Tested on: Linux I Vulnerability ---------------------- You can add blogpost comments that does not get filtered for HTML-Code. Simply add ...
Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting
Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting 'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allo...
Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user...
Seo Panel 2.2.0 Cross Site Scripting
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user...