Reflected Cross-Site Scripting (XSS) in SourceBans

High-Tech Bridge Security Research Lab discovered vulnerability in SourceBans, which can be exploited to perform Cross-Site Scripting XSS attacks against web application users. The vulnerability exists due to insufficient filtration of input-data passed via the "advSearch" HTTP GET parameter to...

Sourcebans <= 1.4.2 Arbitrary Change Admin Email Vulnerability

No description provided by source. Sourcebans PHP sb-callback.php Author: Mr. Anonymous ------ Vendor:http://www.sourcebans.com Affected Versions: = 1.4.2 ----- Exploit sb-callback lines 185-204: ------------- function ChangeEmail$aid, $email ...SNIP... $GLOBALS'db'-ExecuteUPDATE .DBPREFIX.admins...

SourceBans <= 1.4.8 SQL/LFI Injection

No description provided by source...

SourceBans 1.4.7 XSS Vulnerability

No description provided by source. Exploit Title: SourceBans Version 1.4.7 XSS Google Dork: inurl:sourcebans/index.php?p=submit Date: Feb. 9th 2011 Author: Sw1tCh Software Link: http://www.sourcebans.net/ Version: 1.4.7 Info: SourceBans is an application for managing publicly the banned users for...

SourceBans 'xajax' Parameter Multiple Vulnerabilities

SourceBan is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SourceBans 1.4.8 Local File Inclusion / SQL Injection

Exploit Title: SourceBans In memory of crashfr who will NEVER die. Merci pour tout mec! ;-... R.I.P. ./EOF...

SourceBans 1.4.8 - SQL Injection Local File Inclusion Injection

SourceBans 1.4.8 - SQL Injection Local File Inclusion Injection Exploit Title: SourceBans In memory of crashfr who will NEVER die. Merci pour tout mec! ;-... R.I.P. ./EOF...

SourceBans <= 1.4.8 SQL/LFI Injection

Exploit for php platform in category web applications Exploit Title: SourceBans In memory of crashfr who will NEVER die. Merci pour tout mec! ;-... R.I.P. ./EOF 0day.today 2018-04-04...

SourceBans 1.4.8 - SQL Injection / Local File Inclusion Injection

Exploit Title: SourceBans In memory of crashfr who will NEVER die. Merci pour tout mec! ;-... R.I.P. ./EOF...

SourceBans Version 1.4.7 XSS

Exploit Title: SourceBans Version 1.4.7 XSS Google Dork: inurl:"sourcebans/index.php?p=submit" Date: Feb. 9th 2011 Author: Sw1tCh Software Link: http://www.sourcebans.net/ Version: 1.4.7 Info: SourceBans is an application for managing publicly the banned users for a Steam Server. -= The Advisory ...

SourceBans 1.4.7 XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: SourceBans Version 1.4.7 XSS Google Dork: inurl:"sourcebans/index.php?p=submit" Date: Feb. 9th 2011 Author: Sw1tCh Software Link: http://www.sourcebans.net/ Version: 1.4.7 Info: SourceBans is an application for managing publicly...

SourceBans 1.4.7 Cross Site Scripting

Exploit Title: SourceBans Version 1.4.7 XSS Google Dork: inurl:"sourcebans/index.php?p=submit" Date: Feb. 9th 2011 Author: Sw1tCh Software Link: http://www.sourcebans.net/ Version: 1.4.7 Info: SourceBans is an application for managing publicly the banned users for a Steam Server. -= The Advisory ...

SourceBans 1.4.7 - Cross-Site Scripting

SourceBans 1.4.7 - Cross-Site Scripting Exploit Title: SourceBans Version 1.4.7 XSS Google Dork: inurl:"sourcebans/index.php?p=submit" Date: Feb. 9th 2011 Author: Sw1tCh Software Link: http://www.sourcebans.net/ Version: 1.4.7 Info: SourceBans is an application for managing publicly the banned...

SourceBans 1.4.7 - Cross-Site Scripting

Exploit Title: SourceBans Version 1.4.7 XSS Google Dork: inurl:"sourcebans/index.php?p=submit" Date: Feb. 9th 2011 Author: Sw1tCh Software Link: http://www.sourcebans.net/ Version: 1.4.7 Info: SourceBans is an application for managing publicly the banned users for a Steam Server. -= The Advisory ...

Sourcebans 1.4.2 Change Admin E-Mail

Sourcebans PHP sb-callback.php Author: Mr. Anonymous ------ Vendor:http://www.sourcebans.com Affected Versions: Execute"UPDATE ".DBPREFIX."admins SET email = '".$email."' WHERE aid = '".$aid."'"; $objResponse-addScript"ShowBox'E-mail address changed', 'Your E-mail address has been changed...

Sourcebans &lt;= 1.4.2 Arbitrary Change Admin Email Vulnerability

No description provided by source. Sourcebans PHP sb-callback.php Author: Mr. Anonymous ------ Vendor:http://www.sourcebans.com Affected Versions: = 1.4.2 ----- Exploit sb-callback lines 185-204: ------------- function ChangeEmail$aid, $email ...SNIP... $GLOBALS'db'-Execute"UPDATE...

SourceBans 1.4.2 - Arbitrary Change Admin Email

Sourcebans PHP sb-callback.php Author: Mr. Anonymous ------ Vendor:http://www.sourcebans.com Affected Versions: Execute"UPDATE ".DBPREFIX."admins SET email = '".$email."' WHERE aid = '".$aid."'"; $objResponse-addScript"ShowBox'E-mail address changed', 'Your E-mail address has been changed...

SourceBans 1.4.2 - Arbitrary Change Admin Email

SourceBans 1.4.2 - Arbitrary Change Admin Email Sourcebans PHP sb-callback.php Author: Mr. Anonymous ------ Vendor:http://www.sourcebans.com Affected Versions: Execute"UPDATE ".DBPREFIX."admins SET email = '".$email."' WHERE aid = '".$aid."'"; $objResponse-addScript"ShowBox'E-mail address changed...

Sourcebans <= 1.4.2 Arbitrary Change Admin Email Vulnerability

Exploit for unknown platform in category web applications...