SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability

Document Title: =============== SonicWall Dashboard Backend Server - Client-Side Cross Site Scripting Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1100 Release Date: ============= 2014-03-06 Vulnerability Laboratory ID VL-ID:...

SonicWall Backend Server - CS Cross Site Web Vulnerability

Document Title: =============== SonicWall Backend Server - CS Cross Site Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1100 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2589...

jDisk (stickto) v2.0.3 iOS - Multiple Web Vulnerabilities

Document Title: =============== jDisk stickto v2.0.3 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1196 Release Date: ============= 2014-02-11 Vulnerability Laboratory ID VL-ID: ==================================== 11...

Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities

Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-26 Vulnerability Laboratory ID VL-ID: ==================================...

[Wapiti 2.3.0] Web Application Vulnerability Scanner

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti act...

K-Shell by kikicoco VHS version 1.2 edition (.aspx)

Данная утилита предназначенна для системных администраторов для удаленного управления своим сервером. Любое незаконное использование скрипта преследуется по закону. last update: 06.05.2013 21:20 Что может: Wso-style Server IP Client IP HostName Username OS Version IIS Version System Dir...

Cfm Shell v3.0 edition

Данная утилита предназначенна для системных администраторов для удаленного управления своим сервером. Любое незаконное использование скрипта преследуется по закону. last update: 14.04.2013 14:06 Что может: Server IP Client IP Gateway Interface Server Name Server Protocol Server Software Appserver...

OpenText WSM CMS Cross Site Scripting

Exploit Title: OpenText WSM cms Cross Site Scripting Vulnerability Google Dork: Intext:" Powered by OpenText WSM" Date: 08/29/2012 Author: Crim3R Site : Http://Ajaxtm.com/ Vendor Home : http://www.opentext.com/uk Tested on: all ================================== + the search form in site is not...

WooPress 1 Cross Site Scripting

HTTPCS Advisory : HTTPCS57 Product : WooPress Version : v.1 Date : 2012-08-04 Criticality level : Less Critical Description : A vulnerability has been discovered in WooPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'page' parameter ...

BGS CMS 2.2.1 Cross Site Scripting

Exploit for php platform in category web applications !-- BGS CMS v2.2.1 Multiple Stored Cross-Site Scripting Vulnerabilities Vendor: BGSvetionik Product web page: http://www.bgs-cms.com Affected version: 2.2.1 Summary: BGS CMS is powerful Content Management System used to easily publish, manage...

kernel: regset: Prevent null pointer reference on readonly regsets

The regset aka register set feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a 1 PTRACEGETREGSET or 2 PTRACESETREGSE...

SQL Buddy 1.3.3 Cross Site Scripting

SQL Buddy 1.3.3 GET/POST Multiple Remote Cross-Site Scripting Vulnerabilities function xssdocument.forms"xss".submit; function xss2document.forms"xss2".submit; alert1' / input t...

The Mole - Another Automatic SQL Injection exploitation tool

The Mole - Another Automatic SQL Injection exploitation tool The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based...

The Mole - Another Automatic SQL Injection exploitation tool

The Mole - Another Automatic SQL Injection exploitation tool The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based...

Hero Framework 3.69 Cross Site Scripting

Hero Framework 3.69 Remote Reflected Cross-Site Scripting Vulnerability Vendor: Electric Function, Inc. Product web page: http://www.heroframework.com Affected version: 3.69 Summary: Hero formerly Caribou CMS is a white label, open source PHP website content management system CMS and development...

Cross Site Request Forgery - Deleting User's Dashboards

Security auditing tests performed on a Jira Bug Issue and Project Tracking Software locally running instance shown that the application is succeptible to Cross-Site Request Forgery attacks within this URL:...

DreamBox DM800 Arbitrary File Download Vulnerability

Exploit for hardware platform in category remote exploits Exploit Title: title Date: date Author: ShellVision Version: dm800 / !CDATA / functiontryvar...

DreamBox DM500(+) - Arbitrary File Download

DreamBox DM500+ - Arbitrary File Download DreamBox DM500+ Arbitrary File Download Vulnerability Vendor: Dream Multimedia GmbH Product web page: http://www.dream-multimedia-tv.de Affected version: DM500, DM500+, DM500HD and DM500S Summary: The Dreambox is a series of Linux-powered DVB satellite,...

Inventory Mojo Software Vulnerable to Multiple SQL Injection Vulnerability

Exploit for php platform in category web applications Title : Inventory Mojo Software Vulnerable to Multiple SQL Injections Found by : p0pc0rn Dork : intext:"Powered by Inventory Mojo Software." SQL --- Vulnerable Parameters are Method = GET ------------ categoria.asp producto.asp srubro.asp...

SasCam Webcam Server 2.6.5 - 'Get()' Method Buffer Overflow (Metasploit)

$Id: sascamget.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ requi...