GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC

Exploit for unknown platform in category dos / poc ================================================== GroupWise 7.0 mailto: scheme Buffer Overflow PoC ================================================== PRODUCT: GroupWise 7.0 OS: Windows Xp The scheme "mailto" is vulnerable if one takes as default...

Groupwise 7.0 - mailto: scheme Buffer Overflow (PoC)

Groupwise 7.0 - mailto: scheme Buffer Overflow PoC PRODUCT: GroupWise 7.0 OS: Windows Xp The scheme "mailto" is vulnerable if one takes as default mail client to GroupWise, the fault is to implement the scheme followed by an extensive argument and this causes the buffer overflow. This brings the...

GroupWise 7.0 mailto: scheme buffer overflow

PRODUCT: GroupWise 7.0 OS: Windows Xp The scheme "mailto" is vulnerable if one takes as default mail client to GroupWise, the fault is to implement the scheme followed by an extensive argument and this causes the buffer overflow. This brings the consequence that can overwrite the EIP and is able ...

Malicious Website - Embedded Iframe Detection

Binary data 4470.prm...

ipb23x-xss.txt

Tested On: http://www.abarjigs.com/forum/ Effected on:Invision Power Board 1.REG WITH VICTIM FORUM 2.GO TO USER CONTROL PANEL 3.EDIT YOUR SIGNATURE ByTHIS CODE Code: Select all HACKED BY YOUR-NAME 4.AFTER THAT U WILL SEE ALL THE PAGE IS COVERED BY YOUR PAGE 5.GO ANY TOPIC AND POST ANYTHING. 6.AFT...

Invision Power Board 2.x - 'Signature' iFrame Security

source: https://www.securityfocus.com/bid/28466/info Invision Power Board IP.Board is prone to a security vulnerability that can aid attackers in social-engineering attacks. Attacker-supplied script code could exploit vulnerabilities in the user's browser or give the user a false sense of securit...

Invision Power Board <=2.3.x iFrame Vuln

Tested On: http://www.abarjigs.com/forum/ Effected on:Invision Power Board =2.3.x Type:Signature With iFrame Discovered By:CYBER.DARK.HIMU SHAHEEMIRZA Google: "style designed by Soi" or "Powered by IP.Board 2.3.1" Mail: [email protected],[email protected] HI TO ALL. HOW TO USE THIS...

Mozilla Firefox 2.0.0.12 - IFrame Recursion Remote Denial of Service

source: https://www.securityfocus.com/bid/27812/info Mozilla Firefox is prone to a remote denial-of-service vulnerability because of the way the browser handles IFrames. Attackers can exploit this issue to make the browser unresponsive and cause denial-of-service conditions. Firefox 2.0.0.12 is...

Mozilla Firefox 2.0.0.12 - IFrame Recursion Remote Denial of Service

Mozilla Firefox 2.0.0.12 - IFrame Recursion Remote Denial of Service source: https://www.securityfocus.com/bid/27812/info Mozilla Firefox is prone to a remote denial-of-service vulnerability because of the way the browser handles IFrames. Attackers can exploit this issue to make the browser...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in wp-contact-form/options-contactform.php in the WP-ContactForm 1.5 alpha and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 wpcfemail, 2 wpcfsubject, 3 wpcfquestion, 4 wpcfanswer, 5...

CVE-2008-0197

Multiple cross-site scripting XSS vulnerabilities in wp-contact-form/options-contactform.php in the WP-ContactForm 1.5 alpha and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 wpcfemail, 2 wpcfsubject, 3 wpcfquestion, 4 wpcfanswer, 5...

CVE-2007-5896

Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service CPU consumption and crash via an iframe with Javascript that sets the document.location to contain a leading NULL byte \x00 and a 1 res://, 2 about:config, or 3 file:/// URI...

Design/Logic Flaw

Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service CPU consumption and crash via an iframe with Javascript that sets the document.location to contain a leading NULL byte \x00 and a 1 res://, 2 about:config, or 3 file:/// URI...

CVE-2007-5896

Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service CPU consumption and crash via an iframe with Javascript that sets the document.location to contain a leading NULL byte \x00 and a 1 res://, 2 about:config, or 3 file:/// URI...

kdelibs KDE JavaScript denial of service (crash)

ecma/kjshtml.cpp in KDE JavaScript KJS, as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service crash by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference...

gmailsteal_remote.scpt.txt

-- This script can be used to steal gmail's keychained password by injecting -- Javascripts into Safari. When executed it opens gmail's login page, reads -- saved password and sends it to a logging server by creating an hidden iframe -- into gmail's page. It can be easly modified to steal other...

hackflatnuke.txt

/ hackflatnuke.txt Tested on 2.6 FlatNuke version can work on 3 but it has to be modified With this trick you can steal/modifie a flatnuke account by changing the password and all the profile or change your profile and become an admin Requirements: - You have to know the nickname of the account u...

telemark-xss.txt

Title : Telemark XSS Description : The Telemark telemark.com search engine is vulnerable to XSS Author : Tosser E-mail : [email protected] Proof :...

GLSA-200708-09 : Mozilla products: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200708-09 Mozilla products: Multiple vulnerabilities Mozilla developers fixed several bugs, including an issue with modifying XPCNativeWrappers CVE-2007-3738, a problem with event handlers executing elements outside of the documen...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "" in 1 the onerror attribute of an IMG element, 2 the onload attribute of an IFRAME element, or 3 redirect users to other sites via the...