2005 matches found
MoBiC-26 Bonus: XSS in Captcha!
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting уязвимостях в капче Captcha!. Это капча плагин для WordPress. Всего 4 XSS уязвимости на странице опций плагина http://site/wp-admin/options-general.php?page=captchacaptcha.php. Причём это persistent XSS уязвимости. XSS:...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Math Comment Spam Protection: CAPTCHA bypass...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. MoBiC-21: AIP CAPTCHA bypass...
MoBiC-20: Nucleus CAPTCHA bypass
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Insufficient Anti-automation уязвимостях в капче Nucleus. Данная капча уязвима для half-automated method и injected constant captcha bypass method. Insufficient Anti-automation: Эксплоиты:...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Nucleus: CAPTCHA protection bypass...
MoBiC-19: HBH-Fusion CAPTCHA bypass
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в капче HBH-Fusion. Система HBH-Fusion является модификацией PHP-Fusion. Данная капча уязвима для session reusing with constant captcha bypass method. Insufficient Anti-automation: Эксплоит:...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. HBH-Fusion: CAPTCHA protection bypass...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHP-Fusion: CAPTCHA protection bypass...
MoBiC-18: PHP-Fusion CAPTCHA bypass
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в капче PHP-Fusion. Данная капча уязвима для session reusing with constant captcha bypass method. Insufficient Anti-automation: Эксплоит:...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Cryptographp: CAPTCHA protection bypass...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHP-Nuke: CAPTCHA protection bypass. Peter’s Random Anti-Spam Image: CAPTACHA protection bypass and crossite scripting...
Another vulnerability in PHP-Nuke captcha
Здравствуйте 3APA3A! Сообщаю вам о найденной мною другой Insufficient Anti-automation уязвимости в капче PHP-Nuke. Данная капча уязвима для Null string bypass method. Insufficient Anti-automation: Эксплоит: http://websecurity.com.ua/uploads/2007/MoBiC/PHP-Nuke20CAPTCHA20bypass3.html Уязвима верси...
Vulnerability in PHP-Nuke captcha
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в капче PHP-Nuke. Данная капча уязвима для MustLive CAPTCHA bypass method. Insufficient Anti-automation: Эксплоиты: http://websecurity.com.ua/uploads/2007/MoBiC/PHP-Nuke20CAPTCHA20bypass.html...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHP-Nuke: CAPTCHA protection bypass...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. mt-scode: CAPTCHA protection bypass...
Vulnerability in mt-scode
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в mt-scode. Это капча плагин для Movable Type также имеется порт для Drupal. Данная капча уязвима для MustLive CAPTCHA bypass method. Insufficient Anti-automation: Эксплоит:...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress Peter’s Custom Anti-Spam Image: CAPTCHA protection bypass...
Vulnerability in Peter’s Custom Anti-Spam Image
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в Peter’s Custom Anti-Spam Image. Это капча плагин для WordPress. Данная капча уязвима для двух методов обхода. 1. Constant values bypass method. 2. MustLive CAPTCHA bypass method. Insufficient...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress Peter’s Custom Anti-Spam Image: CAPTCHA protection bypass...
asp,PHP and. net forge HTTP-REFERER method and forgery preventing REFERER-bug warning-the black bar safety net
HTTP-REFERER this variable has been increasingly unreliable, and completely is what can be forged out of the stuff. The following is the forged method: ASP/Visual Basic code dim http set http=server. createobject"MSXML2. XMLHTTP" '//MSXML2. serverXMLHTTP also can Http. open "GET",url,false Http...