15 matches found
BurpSuitePro
Burp Suite Bambda Scripts - Vulnerability Testing Toolkit v2.0...
Asset Discover - Burp Suite Extension To Discover Assets From HTTP Response
Burp Suite extension to discover assets from HTTP response using passive scanning. Refer our blog Asset Discovery using Burp Suite for more details. The extension is now part of the BApp store and can be installed directly from the Burp Suite...
PortSwigger Web Security: DLL Hijacking in Burp Suite Pro 2.0.19 Installer
I've found that the latest installer of Burp Suite Pro tries to load some DLLs from an unprotected folder. After providing it with admin privileges required to install it tries to load these DLLs: C:\Users\bortto\AppData\Local\Temp\e4jA5E5.tmpdir1553882416\jre\bin\WINMM.dll...
BurpBounty - A Extension Of Burp Suite That Improve An Active And Passive Scanner
This extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue...
BurpSuiteJSBeautifier - Burp Suite JavaScript Beautifier
Most of the websites compress their resources such as JS files in order to increase the loading speed. However, security testing and debugging a compressed resource is not an easy task. This is a Burp Suite open source extension which makes it possible to beautify most of the resources properly...
CivicRM 4.7b3 SQL Injection
CivicRM extends common CMS platforms WordPress, Drupal with a module to manage Civic campaigns, tracking donors, amounts, and campaign CRM type activity. I tested the WordPress integration of CivicRM 4.7b3 which was found to have blind SQL Injections that allow authenticated users to download...
Open Real Estate 1.15.1 XSS / SQL Injection / Weak Hashing
Introduction: Open Real Estate is an open source CMS for managing estate agent websites. It is written in PHP and uses the YII CMF. It supports multiple languages. It is supported by MonoRay.net The product has a number of commercial support offerings available and an internal market for...
SmarterMail 7.37.4 - Multiple Vulnerabilities
SmarterMail 7.37.4 - Multiple Vulnerabilities Author: Hoyt LLC Research | http://xss.cx | http://cloudscan.me Identified: October 28, 2010 Vendor: SmarterTools Application: SmarterMail 7.x Bugs: Stored XSS, Reflected XSS, Directory Traversal, File Upload Parameters, OS Execution, XML Injection,...
SmarterMail 7.x Cross Site Scripting
Source URL http://cloudscan.blogspot.com/2010/10/vendor-smartertoolscom-smartermail-7x.html Vendor: smartertools.com SmarterMail 7.x 7.2.3925 Date: 2010-10-01 Author : David Hoyt sqlhacker – Hoyt LLC Contact : [email protected] Home : http://cloudscan.me Dork : insite: SmarterMail Enterprise 7.1 B...
SmarterMail 7.x LDAP Injection
Vendor: smartertools.com SmarterMail 7.x 7.2.3925 Date: 2010-10-01 Author : David Hoyt sqlhacker – Hoyt LLC Contact : [email protected] Home : http://cloudscan.me Dork : insite: SmarterMail Enterprise 7.2 Bug : LDAP Injection + Cross Site Scripting STORED Tested on : SmarterMail 7.x 7.2.3925 //...
SmarterMail 7.x (7.2.3925) Stored Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ==================================================================== SmarterMail 7.x 7.2.3925 Stored Cross Site Scripting Vulnerability ==================================================================== Vendor: smartertools.com SmarterMail 7...
SmarterMail 7.x (7.2.3925) LDAP Injection Vulnerability
Exploit for php platform in category web applications ======================================================= SmarterMail 7.x 7.2.3925 LDAP Injection Vulnerability ======================================================= Vendor: smartertools.com SmarterMail 7.x 7.2.3925 Date: 2010-10-01 Author :...
SmarterMail 7.1.3876 Directory Traversal
Vendor: smartertools.com SmarterMail 7.x 7.1.3876 | Bug : Directory Traversal, OS Command Injection, Other Critcal Vulns Vendor: smartertools.com SmarterMail 7.x 7.1.3876 Date: 2010-09-12 Author : sqlhacker – http://cloudscan.me Thanks to : Burp Suite Pro - engagement tool : FuzzDB Contact :...
SmarterMail 7.1.3876 Directory Traversal Vulnerability
No description provided by source. Vendor: smartertools.com SmarterMail 7.x 7.1.3876 Date: 2010-09-12 Author : sqlhacker – http://cloudscan.me Thanks to : Burp Suite Pro - engagement tool : FuzzDB Contact : [email protected] Home : http://cloudscan.me Dork : insite: SmarterMail Enterprise 7.1 Bug ...
SmarterMail 7.1.3876 - Directory Traversal
SmarterMail 7.1.3876 - Directory Traversal Note: Fixed by the vendor in version 7.2.3925 http://www.smartertools.com/smartermail/releasenotes/v7.aspx Vendor: smartertools.com SmarterMail 7.x 7.1.3876 | Bug : Directory Traversal, OS Command Injection, Other Critcal Vulns Vendor: smartertools.com...