1007 matches found
MyBB-sig.txt
NightWarrior nightwarrior771athotmail.com MyBB Signature HTML Code Injection http://www.mybboard.com/ example: Contact :nightwarrior771athotmail.com NightWarrior...
ldu-inject.txt
NightWarrior nightwarrior771athotmail.com Land Down Under Signature HTML Code Injection http://www.neocrome.net example: BODY background-image: url'http://www.geocities.com/nightwarrior771/blank.jpeg'; Contact :nightwarrior771athotmail.com NightWarrior...
Land Down Under Signature HTML Code Injection
NightWarriorKurdish Hacker nightwarrior771athotmail.com Land Down Under Signature HTML Code Injection http://www.neocrome.net example: STYLE =text/cssBODY background-image: url'http://www.geocities.com/nightwarrior771/blank.jpeg'; /STYLE Contact :nightwarrior771athotmail.com NightWarriorKurdihs...
[Full-disclosure] RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability
OS2A RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability OS2A ID: OS2A1004 Status 01/06/2006 Issue Discovered 01/06/2006 Reported to the vendor 01/19/2006 Patch Released 01/20/2006 Advisory Released Class: Denial of Service / Script Injection Severity: CRITICAL...
MyBB Signature HTML Code Injection
NightWarriorKurdish Hacker nightwarrior771athotmail.com MyBB Signature HTML Code Injection http://www.mybboard.com/ example: img src=&106&97&118&97&115&99&114&105&112&116&58&97&108&101&114&116&40&39&88&83&83&39&41 Contact :nightwarrior771athotmail.com NightWarriorKurdihs Hacker...
XMB Forum HTML Code Injection
NightWarriorKurdish Hacker nightwarrior771athotmail.com XMB Forum HTML Code Injection http://www.xmbforum.com/ Post This Code: img src=javascript:alert'XSS' Contact :nightwarrior771athotmail.com NightWarriorKurdihs Hacker...
[HSC Security Group] Multiple SQL injection/XSS in SimpleBlog 2.1
Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Risk: High - Note from the author Simple Blog is a free weblog application intended for personal use. The latest version, 2.1, features xhtml/css template structure, rss feed, blog calendar and an easy to use...
httprint 202.0 - HTTP Response Server Field Arbitrary Script Injection
source: https://www.securityfocus.com/bid/16031/info httprint is prone to multiple remote vulnerabilities. The first issue may allow remote attackers to execute arbitrary HTML and script code in a user's browser. The second issue may allow remote attackers to crash an instance of the application...
httprint 202.0 - HTTP Response Server Field Arbitrary Script Injection
httprint 202.0 - HTTP Response Server Field Arbitrary Script Injection source: https://www.securityfocus.com/bid/16031/info httprint is prone to multiple remote vulnerabilities. The first issue may allow remote attackers to execute arbitrary HTML and script code in a user's browser. The second...
Surprise storms, IE6 latest vulnerability code, you can hung it-vulnerability warning-the black bar safety net
Today ncph group testing found that the JavaScript IE 6 vulnerability Its use of code as follows: script type="text/jscript" function init document. write"The time is:" + Date ; window. onload = init; /script Using this code you can hide the page in front of html code, run after it can only see t...
[SA18016] EveryAuction "searchstring" Cross-Site Scripting Vulnerability
TITLE: EveryAuction "searchstring" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA18016 VERIFY ADVISORY: http://secunia.com/advisories/18016/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: EveryAuction 1.x http://secunia.com/product/6482/ DESCRIPTION:...
LocazoList Classifieds v1.03c Vuln.
LocazoList Classifieds v1.03c Vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/locazolist-classifieds-v103c-vuln.html vendor:http://locazo.net:81/applications/ affected version:v1.03c and prior Product Description: LocazoList a Free, text based...
Sitebeater News System XSS vuln.
Sitebeater News System XSS vuln. Vuln. dicovered by : r0t Date: 3 dec. 2005 Orginal advisory:http://pridels.blogspot.com/2005/12/sitebeater-news-system-xss-vuln.html affected version: 4.00 and prior Product Description: News Features: mailing lists, polls, themes, attachments, search, categories,...
DRZES HMS 3.2 Multiple vuln.
DRZES HMS 3.2 - Hosting Management System -multiple SQL inj. vuln. and XSS vuln. Vuln. dicovered by : r0t Date: 25 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/drzes-hms-32-multiple-vuln.html Vendor:http://drzes.com/ affected version:3.2 and prior Product description: Increase...
Virtual Hosting Control System 2.22.4 - Error Message Cross-Site Scripting
Virtual Hosting Control System 2.22.4 - Error Message Cross-Site Scripting source: https://www.securityfocus.com/bid/15538/info Virtual Hosting Control System is prone to cross-site scripting attacks. The vulnerability arises when error messages are rendered and could let an attacker inject hosti...
Affiliate Network Pro v7.2 SQL Injections, Arbitrary code execution, XSS
Affiliate Network Pro v7.2 SQL Injections, Arbitrary code execution, XSS ======================================================================== Software: Affiliate Network Pro v7.2 Severity: SQL Injections, Arbitrary code execution, XSS Risk: High Author: Robin Verton [email protected] Date:...
eZ Publish <= 2.2.7 Multiple XSS Vulnerabilities
eZ Publish is prone to multiple cross-site scripting XSS vulnerabiliites. SPDX-FileCopyrightText: 2003 k-otik.com Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
phpBB-IE-gif.txt
phpBB 2.0.17 and other BB systems as well Cookie disclosure exploit. I sent the report to phpBB and they said that a patch will be available withing a few days and It will be integrated into 2.0.18 . Note: This works like XSS, and requires the victim to use IE Affects all versions of IE. Special...
PHP Advanced Transfer Manager Multiple Vulnerabilities
Secunia Advisory: SA16867 Release Date: 2005-09-20 Critical: Moderately critical Impact: Cross Site Scripting Exposure of system information Exposure of sensitive information Where: From remote Solution Status: Unpatched Software: PHP Advanced Transfer Manager 1.x Select a product and view a...
Calendar Express Multiple Vulnerabilities (SQLi, XSS)
The remote host is using Calendar Express, a PHP web calendar. Vulnerabilities exist in this version that could allow an attacker to execute arbitrary HTML and script code in the context of the user's browser, and SQL injection. An attacker could exploit these flaws to use the remote host to...