4977 matches found

Packet Storm
added 2011/07/06 12:0 a.m., 21 views

Facebook Like Cross Site Scripting

+Title : FaceBook Like Cross Site Scripting +Auther : Bl4ck.Viper Turkish Hacker +Email : [email protected] +Date : 04/07/2011 +D0rk : inurl:"facebook/like.php?id" +Home : www.skote-vahshat.com +MyArchive : www.xpl.skote-vahshat.com This is a simple java script code for test ... now we inject...

Exploits 0
Tenable Nessus
added 2011/06/29 12:0 a.m., 42 views

RHEL 4 : ruby (RHSA-2011:0908)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0908 advisory. - ruby WEBrick log escape sequence CVE-2009-4492 - Ruby WEBrick javascript injection flaw CVE-2010-0541 - ruby: memory corruption in...

7.5 CVSS, 6.8 AI score, 0.18181 EPSS
Exploits 4, References 14
Tenable Nessus
added 2011/06/29 12:0 a.m., 56 views

RHEL 5 : ruby (RHSA-2011:0909)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0909 advisory. - ruby WEBrick log escape sequence CVE-2009-4492 - Ruby WEBrick javascript injection flaw CVE-2010-0541 - ruby: memory corruption in...

7.5 CVSS, 6.8 AI score, 0.18181 EPSS
Exploits 4, References 17
securityvulns
added 2011/06/15 12:0 a.m., 52 views

Javascript Injection in Microsoft Lync 4.0.7577.0

============================================================================ Foofus.net Security Advisory: foofus-20110610 ============================================================================ Title: Javascript Injection in Microsoft Lync Version: 4.0.7577.0 Vendor: Microsoft Release Date:...

0.5 AI score
Exploits 0
Packet Storm
added 2011/06/13 12:0 a.m., 32 views

Microsoft Lync 4.0.7577.0 Javascript Injection

============================================================================ Foofus.net Security Advisory: foofus-20110610 ============================================================================ Title: Javascript Injection in Microsoft Lync Version: 4.0.7577.0 Vendor: Microsoft Release Date:...

7.4 AI score
Exploits 0
Packet Storm
added 2011/06/07 12:0 a.m., 47 views

Squiz Matrix 4.0.6 / 4.2.2 Cross Site Scripting

Squiz Matrix - Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/squiz-matrix-cross-site-scripting Release Date: 06-Jun-2011 Software: Squiz - Matrix http://www.squiz.net/ "Squiz Matrix delivers highly flexible and robust business integration engine and application...

7.4 AI score
Exploits 0
ThreatPost
added 2011/05/16 5:6 p.m., 9 views

Geek.com Hacked, Found Hosting Exploit Kit

The security geeks at Geek.com were busy this weekend, after Web security firm zScaler found evidence that an exploit kit was using malicious iframe attacks to try to attack visitors to the company’s Web site, according to a Zscaler report Sunday. A post on the web security firm’s blog indicated...

0.7 AI score
Exploits 0, References 5
securityvulns
added 2011/02/11 12:0 a.m., 62 views

[SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability

CVE-2011-0533: Apache Continuum cross-site scripting vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Continuum 1.3.6 Continuum 1.4.0 Beta The unsupported versions Continuum 1.1 - 1.2.3.1 are also affected. Description: A request that included a speciall...

4.3 CVSS, 0.5 AI score, 0.12757 EPSS
Exploits 0
Exploit DB
added 2010/12/21 12:0 a.m., 21 views

Habari Blog - Multiple Vulnerabilities

Vulnerability ID: HTB22732 Reference: http://www.htbridge.ch/advisory/pathdisclosureinhabari.html Product: Habari Vendor: Habari http://habariproject.org/en/ Vulnerable Version: 0.6.5 Vendor Notification: 02 December 2010 Vulnerability Type: Path disclosure Status: Fixed by Vendor Risk level: Low...

7.4 AI score
Exploits 0
securityvulns
added 2010/12/17 12:0 a.m., 58 views

Embedded Video WordPress Plugin Cross Site Vulnerability (XSS) - CVE-2010-4277

Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Embedded Video WordPress Plugin Cross Site Scripting Vulnerability...

4.3 CVSS, 6 AI score, 0.00153 EPSS
Exploits 1
FreeBSD
added 2010/10/25 12:0 a.m., 79 views

YUI JavaScript library -- JavaScript injection exploits in Flash components

The YUI team reports: A security-related defect was introduced in the YUI 2 Flash component infrastructure beginning with the YUI 2.4.0 release. This defect allows JavaScript injection exploits to be created against domains that host affected YUI .swf files...

4.3 CVSS, 6.7 AI score, 0.02934 EPSS
Exploits 0, References 4
exploitpack
added 2010/10/20 12:0 a.m., 26 views

Oracle Sun Java System Web Server - HTTP Response Splitting

Oracle Sun Java System Web Server - HTTP Response Splitting Description Security-Assessment.com discovered that it is possible to successfully perform an HTTP Response Splitting attack against applications served by Sun Java System Web Server. The vulnerability can be exploited if user supplied inpu...

7.4 AI score
Exploits 0
Packet Storm
added 2010/09/18 12:0 a.m., 22 views

Joomla Restaurant Guide Cross Site Scripting / Local File Inclusion / SQL Injection

Exploit Title: Joomla Component comrestaurantguide Multiple Vulnerabilities Date: 18.09.2010 Author: Valentin Category: webapps/0day Version: 1.0.0 Tested on: Debian lenny, Apache2, MySQL 5, Joomla 1.5.x CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::...

0.5 AI score
Exploits 0
exploitpack
added 2010/09/06 12:0 a.m., 15 views

WordPress Plugin Events Manager Extended - Persistent Cross-Site Scripting

WordPress Plugin Events Manager Extended - Persistent Cross-Site Scripting Author: Craw Email: [email protected] Software Link: http://wordpress.org/extend/plugins/events-manager-extended/ Version: 3.1.2 Category: webapplications ======================================================= + ExploiT 1 ...

6.7 AI score
Exploits 0
Packet Storm
added 2010/08/27 12:0 a.m., 20 views

E-Bay Cross Site Scripting

http://donations.ebay.com/charity/charity.jsp?NPID=40219&name= "alert'XSS' http://worldofgood.ebay.com/Handmade-Jewelry-Earrings-Necklaces-Rings/47/list ?"alert'XSS' http://worldofgood.ebay.com/list?" http://sea.ebay.com/searchAnnoucement.php?time= "alertdocument.cookie...

0.3 AI score
Exploits 0
Packet Storm
added 2010/08/19 12:0 a.m., 39 views

Rekonq 0.5 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20100818 Date: 18th August 2010 Author: Tim Brown URL: / Product: Rekonq 0.5 Vendor: Andrea Diamantini Risk: Medium Summary The Rekonq web browser is vulnerable to Javascript injection in a number of components of...

4.3 CVSS, 6.3 AI score, 0.00407 EPSS
Exploits 2
securityvulns
added 2010/08/19 12:0 a.m., 50 views

Medium security hole in Rekonq web browser

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20100818 Date: 18th August 2010 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Rekonq 0.5 http://rekonq.sourceforge.net/ Vendor: Andr...

4.3 CVSS, 6.2 AI score, 0.00407 EPSS
Exploits 2
exploitpack
added 2010/07/02 12:0 a.m., 12 views

iScripts EasyBiller - Cross-Site Scripting

iScripts EasyBiller - Cross-Site Scripting $------------------------------------------------------------------------------------------------------------------- $ iScripts EasyBiller Cross Site Scripting Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :...

0.3 AI score
Exploits 0
Exploit DB
added 2010/07/02 12:0 a.m., 20 views

iScripts EasyBiller - Cross-Site Scripting

$------------------------------------------------------------------------------------------------------------------- $ iScripts EasyBiller Cross Site Scripting Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download : http://www.iscripts.com/easybiller/ $ Date : 02/07/2010 $ Emai...

7.4 AI score
Exploits 0
RubySec
added 2010/06/15 12:0 a.m., 31 views

CVE-2010-0541 Ruby WEBrick javascript injection flaw

Cross-site scripting XSS vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page...

4.3 CVSS, 5.3 AI score, 0.01405 EPSS
Exploits 0, References 1, Affected Software 1