Uploadify Integration 0.9.6 Cross Site Scripting

waraxe-2012-SA085 - Reflected XSS in Uploadify Integration Wordpress plugin =============================================================================== Author: Janek Vind "waraxe" Date: 06. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-85.html Description of vulnerabl...

[waraxe-2012-SA#083] - Multiple Vulnerabilities in Uploadify 2.1.4

waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...

Uploadify 2.1.4 Cross Site Scripting / Shell Upload

waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...

Joomla 2.5 Modules Simple Spotlight Upload Shell

Exploit for php platform in category web applications Joomla 2.5 Modules Simple Spotlight Upload Shell 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 3 3 3 3 7 | | | | || | | | / \ | / | / / 3 1 | | | | | || | | | | | | | | || | / / 7 3 | Exploit Modules Joomla by...

PT-2012-1248

Name of the Vulnerable Software and Affected Versions jquery versions prior to 1.9.0 Description The issue is related to the jQuery function not properly differentiating between HTML and selectors, allowing for cross-site scripting attacks. In vulnerable versions, jQuery determines whether the...

Cloupia End-to-end FlexPod Management - Directory Traversal

Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides...

Cloupia End-To-End FlexPod Management Directory Traversal

Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides...

Cloupia End-to-end FlexPod Management Directory Traversal

Exploit for jsp platform in category web applications Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides end-to-end FlexPod management and...

FBC Market v1.1 - Cross Site Scripting Vulnerability

Document Title: =============== FBC Market v1.1 - Cross Site Scripting Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=364 Release Date: ============= 2011-12-19 Vulnerability Laboratory ID VL-ID: ==================================== 364...

WordPress 1 JQuery Photo Gallery Slideshow Flash Cross Site Scripting

Islamic Republic Of Iran Security Team http://irist.ir/forum/ Wordpress 1-jquery-photo-gallery-slideshow-flash plugin Cross-Site Scripting Vulnerabilities Download......: http://wordpress.org/extend/plugins/1-jquery-photo-gallery-slideshow-flash/ Exploit.......:...

WordPress 1 jQuery Photo Gallery Slideshow Flash Plugin 1.01 - Cross Site Scripting

WordPress1 jQuery Photo Gallery Slideshow Flash plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can ste...

JQuery-Real-Person plugin - Bypass Captcha

JQuery-Real-Person plugin - Bypass Captcha Exploit Title: Bypass the JQuery-Real-Person captcha plugin Google Dork: if relevant we will automatically add these to the GHDB Date: 28th November, 2011 Author: Alberto Garcia-Illera Software Link: http://keith-wood.name/realPerson.html Version: 1.0.1...

JQuery-Real-Person captcha plugin 0-day Bypass

Exploit for php platform in category web applications Exploit Title: Bypass the JQuery-Real-Person captcha plugin Google Dork: if relevant we will automatically add these to the GHDB Date: 28th November, 2011 Author: Alberto Garcia-Illera Software Link: http://keith-wood.name/realPerson.html...

JQuery-Real-Person CAPTCHA 1.0.1 Bypass

Exploit Title: Bypass the JQuery-Real-Person captcha plugin Google Dork: if relevant we will automatically add these to the GHDB Date: 28th November, 2011 Author: Alberto Garcia-Illera Software Link: http://keith-wood.name/realPerson.html Version: 1.0.1 0-day Tested on: Chrome web browser...

JQuery-Real-Person plugin - Bypass Captcha

Exploit Title: Bypass the JQuery-Real-Person captcha plugin Google Dork: if relevant we will automatically add these to the GHDB Date: 28th November, 2011 Author: Alberto Garcia-Illera Software Link: http://keith-wood.name/realPerson.html Version: 1.0.1 0-day Tested on: Chrome web browser...

FBC-Market CMS 1.1 Cross Site Scripting

Title: ====== FBC-Market CMS v1.1 - Multiple Web Vulnerabilities Date: ===== 2011-09-22 VL-ID: ===== 281 Reference: ========== http://www.vulnerability-lab.com/getcontent.php?id=281 Introduction: ============= FBC-Market is a application that allows you to run your own online marketplace or...

FBC Market CMS v1.1 - Multiple Web Vulnerabilities

Document Title: =============== FBC Market CMS v1.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=281 Release Date: ============= 2011-09-21 Vulnerability Laboratory ID VL-ID: ==================================== 281...

jQuery vulnerable to Cross-Site Scripting (XSS)

Cross-site scripting XSS vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

Wordpress jQuery Mega Menu 1.0 Plugin Local File Inclusion

Exploit for php platform in category web applications ------------------------------------------------------------------------ Software................WordPress jQuery Mega Menu 1.0 Vulnerability...........Local File Inclusion...

WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion

Source: http://packetstormsecurity.org/files/view/98753/WordPressjQueryMegaMenu1.0-lfi.txt ------------------------------------------------------------------------ Software................WordPress jQuery Mega Menu 1.0 Vulnerability...........Local File Inclusion...