Cross-site Scripting (XSS) Vulnerability in SiteLoom CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in SiteLoom CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in SiteLoom CMS The vulnerability exists due to input sanitation error in the "mailform1" parameter in...

dotDefender 4.02 - 'clave' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41541/info dotDefender is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...

RunCMS 2.1 - 'magpie_debug.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41551/info RunCms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

HYM (news_details.php) SQL Injection Vulnerability

Exploit for php platform in category web applications ================================================== HYM newsdetails.php SQL Injection Vulnerability ================================================== +Title: HYM newsdetails.php SQL Injection Vulnerability + About :...

Samin CMS LFI Vulnerability

Exploit for php platform in category web applications =========================== Samin CMS LFI Vulnerability =========================== InformatioN Title : Samin CMS LFI Vulnerability Author: Arash Saadatfar Vendor: http://see.ir Example : http://olampiyad.ir/index.php?pg=/etc/passwd ExploiT...

Joomla! Component com_seyret - Local File Inclusion

Joomla! Component comseyret - Local File Inclusion Exploit Title: Joomla Component Seyret comseyret Date: 2010-06-26 Author: mlk Software Link: null Version: null Tested on: Linux,BSD and windows CVE : null Code : on paper Joomla Component Seyret comseyret - Local File Inclusion Vulnerability +...

Cross-site Scripting (XSS) Vulnerability in DSite CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in DSite CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in DSite CMS The vulnerability exists due to input sanitation error in the "buttonname" parameter in...

Cross-site Request Forgery (CSRF) Vulnerabilities in FestOS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in FestOS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in FestOS 1.1 The vulnerability exists due to insufficient validation of the request origin in...

Multiple Vulnerabilities in Pixie

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixie which could be exploited to perform cross-site scripting, script insertions and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Pixie The vulnerability exists due to input...

Wiki Web Help 0.2.7 - Cross-Site Scripting HTML Injection

Wiki Web Help 0.2.7 - Cross-Site Scripting HTML Injection source: https://www.securityfocus.com/bid/41306/info Wiki Web Help is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in...

ASRC Really Simple Chat 3.3 Cross Site Scripting / Remote File Inclusion

= ARSC Really Simple Chat V3.3 Remote File Inclsion & Cross Site Scripting Vulnerability = Author : Zer0 Thunder = Home : http://colombohackers.com = Download : http://sourceforge.net/projects/arsc/ = Date : 06/25/2010 Remote File Inclusion ---...

NetWorld Alliance portal SQL Injection Vulnerability

Exploit for php platform in category web applications ==================================================== NetWorld Alliance portal SQL Injection Vulnerability ==================================================== EDB-ID: CVE: OSVDB-ID: Author: Dr.0rYX and Cr3w-DZ Published: Verified: Exploit Code...

snipe gallery Script Sql Injection Vulnerability

Exploit for php platform in category web applications ================================================ snipe gallery Script Sql Injection Vulnerability ================================================ Exploit Title: snipe gallery Script Sql Injection Date: 26/06/2010 Author: dev!l ghost Email:...

Axis IT Group SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================= Axis IT Group SQL Injection Vulnerability ========================================= Author :: DrgpxX Group :: Aras cyber Army Email :: email protected Discover :: 23 june 2010 Critical Lvl :: high...

Linux/x86-64 - Add root user with password - 390 bytes

No description provided by source. / Title: Linux/x86-64 - Add root user with password - 390 bytes Date: 2010-06-20 Tested: Archlinux x8664 k2.6.33 Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/shellstorm ! Dtabase of shellcodes http://www.shell-storm.org/shellcode/ Add...

Cross-site Scripting (XSS) Vulnerabilities in CruxCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CruxCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in CruxCMS: CVE-2008-0700 The vulnerability exists due to input sanitation error in the "search"...

Multiple Vulnerabilities in DBHcms

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in DBHcms which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in DBHcms 1.1 The vulnerability exists due to input sanitation error in the...

Cross-site Request Forgery (CSRF) in Kryn.cms

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Kryn.cms which could be exploited to perform cross-site request forgery attacks. 1 Cross-site Request Forgery CSRF in Kryn.cms The vulnerability exists due to insufficient validation of the request origin in...

MarketSaz Remote Shell Upload

========================================== MarketSaz remote file Upload Vulnerability ========================================== Exploit Title: MarketSaz remote file uploade Author: NetQurd [email protected] Dork : English = Powered MarketSaz Software Link: http://www.marketsaz.com Platform...

Turbo FTP Server 1.20.745 Directory Traversal

Date of Discovery: 17-Jun-2010 Credits: leinakesiatgmail.com Vendor: Turbo FTP Server Affected: Turbo FTP Server 1.20.745. Earlier versions may also be affected. Overview: 1.vendor description of software ------------------------------------------------ TurboFTP Server is a high performance,...