11 matches found
EUVD-2011-5138
Malware in sbrugna...
CVE-2011-5238
google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
Code injection
google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
CVE-2011-5238
CVE-2011-5238 affects google-checkout-php-sample-code up to version 1.3.1. The issue is inadequate TLS hostname verification: the code does not ensure the server hostname matches CN/subjectAltName, enabling MITM with any valid certificate. Impact per note: partial confidentiality and integrity; n...
WHMCS v4.5.2 Blind SQL Injection Vulnerability
WHMCS WHMCompleteSolution Affected versions: 4.5.x Software : WHMCS WHMCompleteSolution Google Dork: Turn on thinking mode :P Date: 10/22/2012 Author: Starware Security Team www.Resecure.me Contact Us :...
New P2P Zeus Variant Targets Popular Sites with Bogus Offers
Facebook, Gmail, Yahoo and Hotmail users should beware of rogue rebate offers and new secure payment options aimed at getting them to part with their debit card information. Earlier this week Amit Klein, CTO of Trusteer, announced the discovery of a peer-to-peer variant of the Zeus platform that...
WordPress WP e-Commerce plugin <= 3.8.6 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress WP e-Commerce plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0%23&cs3=123f7bcd4ba53fade05886a7e77bf045&transactiontype=rebill e.g. !/bin/bash payload="-1 AND...
iScripts eSwap v2.0 XSS / SQL Injection Vulnerability
Exploit for php platform in category web applications iScripts eSwap v2.0 XSS / SQL Injection Vulnerability Title:iScripts eSwap v2.0 sqli and xss vulnerability Author: Sid3^effects...
iScripts eSwap 2.0 - SQL Injection / Cross-Site Scripting
Title:iScripts eSwap v2.0 sqli and xss vulnerability Author: Sid3^effects Published: 2010-06-05 price:$99.95 email:[email protected] vendor: iScripts url : http://www.iscripts.com/eswap/ google dork : Powered by iScripts eSwap. ...
iScripts eSwap 2.0 - SQL Injection Cross-Site Scripting
Title:iScripts eSwap v2.0 sqli and xss vulnerability Author: Sid3^effects Published: 2010-06-05 price:$99.95 email:[email protected] vendor: iScripts url : http://www.iscripts.com/eswap/ google dork : Powered by iScripts eSwap. ...
Comersus 8 Shopping Cart - SQL Injection Cross-Site Request Forgery
Exploit Title:SQL Injection and CSRF Vulnerability in Comersus 8 Shopping Cart Version: Web Application vendor :http://www.comersus.com/index.html Date: 1 apr,2010 Author:Sid3^effects Code :...