7 matches found
Hotfm.com.my Cross Site Scripting
Exploit Title: Hotfm.com.my Cross Site Scripting Vulnerability Date: 08/11/2011 - 04:00am Author: Ryuzaki Lawlet Website: http://jusryuz.blogspot.com Tested On: WinXP Platform: ASP Email: [email protected] $ Vulnerable : http://site.com.my/path/galeri.asp?galleryType= $ Preview Sites:...
Logical Web Publisher SQL Injection
+------------------------------------------------------------------------------------------+ |------------------- Logical Web Publisher SQL Injection Vulnerability ------------------| +------------------------------------------------------------------------------------------+ + Google Dork :...
DmxReady Secure Document Library 1.2 - SQL Injection
Exploit Title: DmxReady Secure Document Library v1.2 SQL Injection Vulnerability Google Dork: inurl:incsecuredocumentlibrary.asp Date: 03.07.2011 Author: Bellatrix Software Link: http://www.dmxready.com/?product=secure-document-library Version: v1.2 Language: ASP Price : $99.97 Tested on: Windows...
Z-blog 1.8 web path information disclosure vulnerability and fix-vulnerability warning-the black bar safety net
Affected version: Z-blog 1.8 Vulnerability description: Z-blog is based on Asp platform Blog blogweblogprogram Z-blog using the default editor there is a path information disclosure vulnerability Test method:...
ASPSiteware Gallery SQL Injection Vulnerability
Exploit for asp platform in category web applications...
Texspares Sql Injection Vulnerability
Exploit for asp platform in category web applications ===================================== Texspares Sql Injection Vulnerability ===================================== Exploit Title:Texspares Sql injection Vulnerability Date: 01-18-2010 Author:Ashiyane Digital Security Team Platform / Tested on:...
Z-blog FUNCTION/c_function.asp跨站脚本攻击漏洞
Z-Blog是一款基于Asp平台的Blog博客网志程序,支持Wap,支持Firefox,Oprea等浏览器,在国内使用非常广泛,官方主页在http://www.rainbowsoft.org/。Z-blog代码严谨,前台功能简洁,后台功能强大,这为它的产品安全带来很大的优势,但是在上次的xss漏洞被公布后,80sec在产品中又发现一个严重的跨站脚本攻击漏洞,加上产品设计上的一些问题可能带来严重的后果。 在FUNCTION/cfunction.asp中,程序处理UBB标签的时候存在漏洞,导致任何用户可以在目标页面内执行任意js代码,利用该代码恶意用户可以获取目标站点的所有权限。漏洞代码如下...