5006 matches found
Cross Site Scripting Vulnerability in Speed Bit Search Engine
Cross Site Scripting Vulnerability in Speed Bit Search Engine Debasish Mandal, A hacker from India , Found that there is a XSS through JavaScript Injection vulnerability in the Home page of Speed Bit Search Engine.The XSS filter is filtering normal html /script /iframe tags but XSS can be achieve...
Cross Site Scripting Vulnerability in Speed Bit Search Engine
Cross Site Scripting Vulnerability in Speed Bit Search Engine Debasish Mandal, A hacker from India , Found that there is a XSS through JavaScript Injection vulnerability in the Home page of Speed Bit Search Engine.The XSS filter is filtering normal html /script /iframe tags but XSS can be achieve...
Online Subtitles Workshop - Cross-Site Scripting
=================================================================================== Online Subtitles Workshop XSS vulnerabilities =================================================================================== Exploit Title: Online Subtitles Workshop XSS vulnerabilities Author: M.Jock3R...
Online Subtitles Workshop XSS Vulnerability
Exploit for php platform in category web applications =================================================================================== Online Subtitles Workshop XSS vulnerabilities =================================================================================== Exploit Title: Online Subtitl...
Adium 1.4.2 Cross Site Scripting
+-----------------------------------------------------------------------------+ | noptrix.net - Public Security Advisory | +-----------------------------------------------------------------------------+ Date: ----- 08/02/2011 Vendor: ------- Adium - http://www.adium.im/ Affected Software:...
Zynga Cross Site Scripting
\ \ \ \ \ | / \ \ \ / /\ / /\ \ / / |/ /| | / / \ / / / | | /\ / \ / / /| | | / / // \ / || \ /\ // || || // // / / / ------------------------------------------------------------------------------------------------------------------------------------------------- Title: Zynga...
Chyrp < 2.1.1 Multiple Vulnerabilities
Chyrp is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[oCERT-2011-001] Chyrp input sanitization errors
2011-001 Chyrp input sanitization errors Description: The Chyrp framework, an open source blogging engine, suffers from cross-site scripting XSS and local file inclusion LFI vulnerabilities. Insufficient input sanitization on the parameters passed to pages related to administration settings, the...
A company source cookie injection vulnerability-vulnerability warning-the black bar safety net
源码 下载 :http://www.mycodes.net/25/4585.htm Default background:admin/login. asp Injection point:http://127.0.0.1/shownews. asp? id=2 1 6 exp: javascript:alertdocument. cookie="id="+escape"2 1 6 and 1=2 union select 1,username,password,4,5,6,7,8,9,1 0 from admin"; Either 1 of 2 fields...
Facebook Like Cross Site Scripting
+Title : FaceBook Like Cross Site Scripting +Auther : Bl4ck.Viper Turkish Hacker +Email : [email protected] +Date : 04/07/2011 +D0rk : inurl:"facebook/like.php?id" +Home : www.skote-vahshat.com +MyArchive : www.xpl.skote-vahshat.com This is a simple java script code for test ... now we inject...
RHEL 4 : ruby (RHSA-2011:0908)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0908 advisory. - ruby WEBrick log escape sequence CVE-2009-4492 - Ruby WEBrick javascript injection flaw CVE-2010-0541 - ruby: memory corruption in...
RHEL 5 : ruby (RHSA-2011:0909)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0909 advisory. - ruby WEBrick log escape sequence CVE-2009-4492 - Ruby WEBrick javascript injection flaw CVE-2010-0541 - ruby: memory corruption in...
Javascript Injection in Microsoft Lync 4.0.7577.0
============================================================================ Foofus.net Security Advisory: foofus-20110610 ============================================================================ Title: Javascript Injection in Microsoft Lync Version: 4.0.7577.0 Vendor: Microsoft Release Date:...
Microsoft Lync 4.0.7577.0 Javascript Injection
============================================================================ Foofus.net Security Advisory: foofus-20110610 ============================================================================ Title: Javascript Injection in Microsoft Lync Version: 4.0.7577.0 Vendor: Microsoft Release Date:...
Squiz Matrix 4.0.6 / 4.2.2 Cross Site Scripting
Squiz Matrix - Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/squiz-matrix-cross-site-scripting Release Date: 06-Jun-2011 Software: Squiz - Matrix http://www.squiz.net/ "Squiz Matrix delivers highly flexible and robust business integration engine and application...
Geek.com Hacked, Found Hosting Exploit Kit
The security geeks at Geek.com were busy this weekend, after Web security firm zScaler found evidence that an exploit kit was using malicious iframe attacks to try to attack visitors to the company’s Web site, according to a Zscaler report Sunday. A post on the web security firm’s blog indicated...
[SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability
CVE-2011-0533: Apache Continuum cross-site scripting vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Continuum 1.3.6 Continuum 1.4.0 Beta The unsupported versions Continuum 1.1 - 1.2.3.1 are also affected. Description: A request that included a speciall...
Habari Blog - Multiple Vulnerabilities
Vulnerability ID: HTB22732 Reference: http://www.htbridge.ch/advisory/pathdisclosureinhabari.html Product: Habari Vendor: Habari http://habariproject.org/en/ Vulnerable Version: 0.6.5 Vendor Notification: 02 December 2010 Vulnerability Type: Path disclosure Status: Fixed by Vendor Risk level: Low...
Embedded Video WordPress Plugin Cross Site Vulnerability (XSS) - CVE-2010-4277
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Embedded Video WordPress Plugin Cross Site Scripting Vulnerability...
YUI JavaScript library -- JavaScript injection exploits in Flash components
The YUI team reports: A security-related defect was introduced in the YUI 2 Flash component infrastructure beginning with the YUI 2.4.0 release. This defect allows JavaScript injection exploits to be created against domains that host affected YUI .swf files...