5123 matches found
Elgg Cross Site Scripting / Request Forgery
CMS Elgg uploading to a host.Save as cookie.php +Exploit: ------- 1 Register in The SIte 2 add to the Template The victim would be anyone who comes to your blog. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++...
elgg - Cross-Site Scripting Cross-Site Request Forgery Change Password
elgg - Cross-Site Scripting Cross-Site Request Forgery Change Password + CMS Elgg uploading to a host.Save as cookie.php +Exploit: ------- 1 Register in The SIte 2 add to the Template The victim would be anyone who comes to your blog...
elgg - Cross-Site Scripting / Cross-Site Request Forgery / Change Password
CMS Elgg uploading to a host.Save as cookie.php +Exploit: ------- 1 Register in The SIte 2 add to the Template The victim would be anyone who comes to your blog. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++...
iPhone Safari Phone Auto Dial
Released since Apple published the iPhone 3.0 security fixes. Vulnerability Report --- BEGIN ADVISORY --- Manufacturer: Apple www.apple.com Device: iPhone 3G iPhone 1st Gen Firmware: 2.1 possible earlier versions Device Type: smart phone Subsystems: Safari and mobile telephony...
CMS buzz - Cross-Site Scripting Password Change HTML Injection
CMS buzz - Cross-Site Scripting Password Change HTML Injection + CMS Buzz xss/Change PasswordMultiple Remote Vulnerabilities + Discovered By ThE g0bL!N + Vendor:cmsbuzz.com + Note : If you are The S3r!0uS I say To Fuck you Because You are Hacked Site Of My Best Friends dz-boys.com +...
CVE-2009-2064
Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe...
CVE-2009-2065
Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that...
Design/Logic Flaw
Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site,...
CVE-2009-2067
Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related...
vBulletin Radio And TV Player Cross Site Scripting
vBulletin Radio and TV Player Add-On all version - XSS , Iframe injection and Redirect Vulnerability About:- Radio and TV Add-on will add a radio and TV library to your forum. Features:- - Users can add / delete / edit own stations For more info about this plugin See -...
vBulletin Radio and TV Player AddOn - HTML Injection
vBulletin Radio and TV Player AddOn - HTML Injection vBulletin Radio and TV Player Add-On all version - XSS , Iframe injection and Redirect Vulnerability About:- Radio and TV Add-on will add a radio and TV library to your forum. Features:- - Users can add / delete / edit own stations For more inf...
vBulletin Radio and TV Player Add-On HTML Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================= vBulletin Radio and TV Player Add-On HTML Injection Vulnerability ================================================================= vBulletin Radio and TV Player Add-On all...
vBulletin Radio and TV Player AddOn - HTML Injection
vBulletin Radio and TV Player Add-On all version - XSS , Iframe injection and Redirect Vulnerability About:- Radio and TV Add-on will add a radio and TV library to your forum. Features:- - Users can add / delete / edit own stations For more info about this plugin See -...
Novell Groupwise 8.0 Webaccess - Multiple Vulnerabilities
Novell Groupwise 8.0 Webaccess - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/35066/info Novell GroupWise WebAccess is prone to multiple security vulnerabilities. An attacker may leverage these issues to bypass certain security restrictions or conduct cross-site scripting...
VerliHub Control Panel 1.7e Cross Site Scripting
VerliHub Control Panel - v 1.7e XSS & Iframe Injection Vulnerability http://vhcp.verlihub-project.org -6-05-2009 -Methodman - http://nemesis.te-home.net -Example:- Cross-site scripting vulnerability on login page http://vhcp.com/index.php?page=login&nick="alert"Vulnerable";...
Joomla Component rsmonials Remote Cross Site Scxripting Exploit
Exploit for unknown platform in category web applications =============================================================== Joomla Component rsmonials Remote Cross Site Scxripting Exploit =============================================================== / RSMonials XSS Exploit...
Cross site scripting
Cross-site scripting XSS vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature...
CVE-2008-6565
Cross-site scripting XSS vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature...
Break IE security restrict access to the iframe sub-frame within the local cookie-vulnerability warning-the black bar safety net
Author: aullik5 Today this article is mainly to say the following so a few things: 1. iframe limitations 2. Break the iframe to get the local cookie ideas 3. Use Cross Iframe Trick breakthrough iframe security restrictions My test environment is: IE 7 7.0.5730.13 All of the following content all...
phpinfo cross-site scripting vulnerability-vulnerability warning-the black bar safety net
Vulnerability description: php is a widely used programming language, can be nested in the html with a to do web app development. phpinfois used to display the current php environment is a function of many site and program will phpinfo on your own site or on a program, but phpinfo in the presence...