1634 matches found
ACal 2.2.6 Cross Site Scripting
================================================================= =ACal-2.2.6 XSS Vulnerability ================================================================= Exploit Title: ACal-2.2.6 XSS Vulnerability Date: 02.09.2011 Author: T0xic Category: webapps/0day Script url:...
http-vuln-cve2011-3192 NSE Script
Detects a denial of service vulnerability in the way the Apache web server handles requests for multiple overlapping/simple ranges of a page. References: See also: http-slowloris-check.nse http-slowloris.nse Script Arguments http-vuln-cve2011-3192.path Define the request path...
Td Web SQL Injection
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Td Web news.php?idcategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.tdweb.it/ Persian Gulf 4 Ever! Exploite: www.victim.com/news.php?idcategoria=SQL Example :...
Cross-site Scripting (XSS) Vulnerability in Redirection WordPress Plugin
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Redirection WordPress Plugin which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Redirection WordPress Plugin Input passed via the "id" GET parameter to...
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.3.2-1.fc15
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
Virtual Consultant SQL Injection
exploit title : Virtual Consultant newsDetail.asp SQL Injection Vulnerability + author : CriminalCoder + category : WebApps + d0rk : inurl:/newsDetail.asp?secID= "Powered By Virtual Consultant" + vendor : www.v-consultant.co.uk/ + myWEB : http://beyz4de.wordpress.com + twitter :...
Cross-site Scripting (XSS) Vulnerabilities in eShop for Wordpress
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eShop for Wordpress which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in eShop for Wordpress 1.1 The vulnerability exists due to input sanitation error i...
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.3.1-1.fc15
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahc(lebanese hacker)
Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahclebanese hacker After Sony hacks, Idahclebanese hacker is back to strike Apple.com . He found two vulnerability on as listed below. Iframe Injection : Click here Blind SQL INjection: Click Here Examples of the...
Nodesforum - '_nodesforum_node' SQL Injection
source: https://www.securityfocus.com/bid/48451/info Nodesforum is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or...
EA Sports Cross Site Scripting
Information -------------------- Name : XSS Persistent in EA Sports Software : EA Sports Main site Vendor Homepage : http://www.ea.com Vulnerability Type : XSS Persistent Severity : Very High Researcher : Juan Sacco Description ------------------ EA Sports is prone to a XSS Stored vulnerability...
python security, bug fix, and enhancement update
python: 2.6.6-20 Resolves: CVE-2010-3493 2.6.6-19 Resolves: CVE-2011-1015 2.6.6-18 Resolves: CVE-2011-1521 2.6.6-17 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-16 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-15 - fix race condition that sometimes breaks the build wi...
E-Manage MySchool 7.02 SQL Injection
Exploit Title: SQL Injection MySchool Version 7.02 Google Dork: "MySchool Version 7.02" Date: 05-21-2011 Software Link: http://em.com.eg/ Version: Version 7.02 Author: az7rb Tested on : winxp sp3 Ar end bt5 Homepage : www.p0c.cc Greetz : p0c Team & Dr.NaNo & All My Msn Messenger Friends wWw.p0c.c...
Multiple Vulnerabilities in LoudBlog
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in LoudBlog which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in LoudBlog The vulnerability exists due to input sanitation error in the "id"...
DORG 1.1 Cross Site Request Forgery
DORG 1.1 Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KnocKout member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 My Live...
Fedora 15 : fail2ban-0.8.4-27.fc15 (2011-5135)
fail2ban used predictable /tmp files which a local user can allocate before fail2ban does. All tmp files have been moved to /var/lib/fail2ban. This also helps with selinux policies. Another security related fix is that fail2ban defaulted to gamin which conflicts with selinux, so users had to...
Cross-site Scripting (XSS) Vulnerability in WP Photo Album
High-Tech Bridge SA Security Research Lab has discovered vulnerability in WP Photo Album which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WP Photo Album The vulnerability exists due to input sanitation error in the "id" parameter in...
Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin)
Allomani Movies Library 2.0 - Cross-Site Request Forgery Add Admin Movies Library 2.0 XSRF Vulnerability Add Admin ==================================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://allomani.com/en/moviesscript.html === Exploit ===...
Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin)
Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery Add Admin Super Multimedia Library 2.5.0 XSRF Vulnerability Add Admin ==================================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script :...
Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin)
Movies Library 2.0 XSRF Vulnerability Add Admin ==================================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://allomani.com/en/moviesscript.html === Exploit ===...