Lucene search
+L

141 matches found

Packet Storm
Packet Storm
added 2009/12/09 12:0 a.m.22 views

You! Hostit! Cross Site Scripting

view source print? andresg888 Contact : andresg8884tgmaildotcom Web: : www.ilegalintrusion.net & www.bl4ck-p0rtal.org Dork : No DoRk f0R ScRipT KiDDieS Example:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.42 views

SuSE9 Security Update : IBM Java5 JRE and SDK (YOU Patch Number 12336)

This update brings IBM Java 5 to Service Release 9. It fixes the following security problems : - A security vulnerability in the Java Runtime Environment JRE may allow an untrusted applet or application to list the contents of the home directory of the user running the applet or application...

10CVSS8.3AI score0.85695EPSS
Exploits23References38
exploitpack
exploitpack
added 2009/07/24 12:0 a.m.29 views

Clip Bucket 1.7.1 - Insecure Cookie Handling

Clip Bucket 1.7.1 - Insecure Cookie Handling || || | || o,7 || . o7 || q||| o\, : / / . /QQQQQQQQQQQQQQQQQQQ\ /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ\ iqaahotmail.fr /QQQQ| \QQQQ\ /QQQQ/...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2009/05/14 3:39 p.m.10 views

Adobe bitten by XSS bug it invented

Hundreds of thousand websites host vulnerable Adobe Flash files which can be exploited by malicious people to conduct convincing phishing and XSS attacks. In most cases, cookie hijacking is possible. Unsuspecting users can be redirected from trustworthy SSL and non-SSL sites to malware, adware an...

2.2AI score
Exploits0References2
Packet Storm
Packet Storm
added 2008/12/16 12:0 a.m.23 views

FLDS 1.2a SQL Injection

!/usr/bin/perl -w Free Links Directory Script V1.2a Remote SQL Injection Exploit written by ka0x D.O.M Labs Security Researchers - www.domlabs.org - Vuln code report.php: if$COOKIE'logged'=="" ... // login else $linkida = $GET'linkid'; $linkinfo = mysqlfetcharraymysqlquery"select from links where...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/11/18 12:0 a.m.29 views

openSUSE 10 Security Update : squirrelmail (squirrelmail-5778)

Squirrelmail was updated to use the secure flag for its cookies. Otherwise it was possible to hijack a SSL-protected session via leaked cookies. CVE-2008-3663 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

5CVSS5.3AI score0.02159EPSS
Exploits2References1
securityvulns
securityvulns
added 2007/06/18 12:0 a.m.55 views

[Full-disclosure] H4CREW-000005 EasyNews Pro 4.0 XSS & CSRF

I luv u Ms. Phisher u d4 d1am0nds 1n My Ski h4xorCrew Advirosy 5: Easynews PRO 4.0 XSS and CRSF =================================================== "the game of secuirity is like a sord fight you must think furst b4 you m0ve" H-4 h3r3 2 stay cuz we in da h0uz h4xorcewz n da house and r4w we g0nna...

5.8AI score
Exploits0
xssed
xssed
added 2007/05/11 12:0 a.m.10 views

Unfixed XSS vulnerability at wap.sesamportail.com

Security researcher meloulisi, has submitted on 05/11/2007 a cross-site-scripting XSS vulnerability affecting wap.sesamportail.com, which at the time of submission ranked 4167253 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/11/2007. It is...

Exploits0References1
Exploit DB
Exploit DB
added 2006/09/13 12:0 a.m.26 views

e107 website system 0.7.5 - 'admin.php?Query String (PATH_INFO)' Cross-Site Scripting

source: https://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user i...

7.4AI score
Exploits0
NVD
NVD
added 2006/07/18 3:47 p.m.14 views

CVE-2006-3665

SquirrelMail 1.4.6 and earlier, with registerglobals enabled, allows remote attackers to hijack cookies in src/redirect.php via unknown vectors. NOTE: while "cookie theft" is frequently associated with XSS, the vendor disclosure is too vague to be certain of this...

4.3CVSS6.6AI score0.01177EPSS
Exploits0References4
CVE
CVE
added 2006/07/17 9:0 p.m.47 views

CVE-2006-3665

CVE-2006-3665 affects SquirrelMail 1.4.6 and earlier with register_globals enabled. The vulnerability allows remote attackers to hijack cookies via src/redirect.php, with vectors not clearly disclosed in vendor reports. The description notes that “cookie theft” is often linked to XSS, but the ven...

4.3CVSS6.6AI score0.01177EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/07/17 9:0 p.m.19 views

CVE-2006-3665

SquirrelMail 1.4.6 and earlier, with registerglobals enabled, allows remote attackers to hijack cookies in src/redirect.php via unknown vectors. NOTE: while "cookie theft" is frequently associated with XSS, the vendor disclosure is too vague to be certain of this...

6.6AI score0.01177EPSS
Exploits0References4
0day.today
0day.today
added 2005/05/26 12:0 a.m.48 views

Maxwebportal <= 1.36 password.asp Change Password Exploit (3 - perl)

Exploit for unknown platform in category web applications ==================================================================== Maxwebportal Gr33tz To == mhp0rtal , Oilkarchack , Str0ke & AlphaST.Com And Iranian Hacking & Security Teams : IHS , Shabgard , Emperor ,Crouz & Simorgh-ev use IO::Socket...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2004/10/07 12:0 a.m.41 views

silentstorm.txt

CHT Security Research-2004 http://www.CyberSpy.Org Turkey Software: Silent Storm Portal Web Site: http://www.silent-storm.co.uk/ssp/ Affected Versions: 2.1,2.2 Description: Silent Storm Portal is a PHP based portal system.It requires PHP4 or above.no MySQL needed. Multiple Vulnerabilities in Sile...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/03/20 12:0 a.m.38 views

Expinion.net News Manager Lite 2.5 - &#039;category_news.asp?ID&#039; SQL Injection

source: https://www.securityfocus.com/bid/9935/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out SQL injection, cross-site scripting, and account hijacking attacks. The issues exist in the 'commentadd.asp', 'search.asp',...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/17 12:0 a.m.20 views

Changing UBB cookie allows account hijack

Application: UBB 6.? Platform: Any system supporting PERL. Severity: Malicious users can steal session cookies, allowing administrative access to the bulletin board. Also custom html/js insertion in forum page is possible. Author: antiacid [email protected] Web:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/06/06 12:0 a.m.15 views

Maxwebportal 1.30 - search.asp?Search Cross-Site Scripting

Maxwebportal 1.30 - search.asp?Search Cross-Site Scripting source: https://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/06 12:0 a.m.24 views

Maxwebportal 1.30 - &#039;search.asp?Search&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site scripting vulnerability. An attacker may execute arbitrary scri...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/03/20 12:0 a.m.24 views

[IPS] osCommerce multiple XSS vulnerabilities

iProyectos Security Advisory: XSS Bugs in osCommerce 1. Problem description. 2. Risk 3. Solution 4. Manual fix 5. About iProyectos ------------------------------------ 1. Problem description: osCommerce is a widely installed open source shopping e-commerce solution. Some XSS cross-site scripting...

Exploits0
securityvulns
securityvulns
added 2003/02/25 12:0 a.m.36 views

Multiple webmin bugs

Crossite scripting, session cookie hijacking...

1.2AI score
Exploits0References1Affected Software2
Rows per page
Query Builder