Joomla GoogleSearch (CSE) 3.0.2 Cross Site Scripting

Exploit title: Joomla Component GoogleSearch CSE 3.0.2 - XSS Vulnerability Author: Bet0 Twitter: https://twitter.com/Bet0Shinoda Website: www.mc-crew.or.id Google Dork: inurl:"index.php?option=comgooglesearchcse" Date: 29 Agustus 2015 Vendor Homepage: www.kksou.com Plugins Link:...

Wordpress Orange Themes CSRF File Upload Vulnerability

No description provided by source. Title : Wordpress Orange Themes CSRF File Upload Vulnerability Author : Jje Incovers Date : 01/12/2013 - 17 November 2013 Category : Web Applications Type : PHP Vendor : http://www.orange-themes.com/ Download : http://www.orange-themes.com/portfolio/ Tested :...

XAMPP 3.2.1 Cross Site Scripting Vulnerability

Exploit for multiple platform in category local exploits Title : XAMPP 3.2.1 Cross Site Scripting Author : DevilScreaM Date : 15 January 2014 Category : Web Applications Vendor : http://sourceforge.net/projects/xampp Version : 3.2.1 Type : PHP Greetz : 0day-id.com | newbie-security.or.id | Borneo...

XAMPP 3.2.1 Cross Site Scripting

Title : XAMPP 3.2.1 Cross Site Scripting Author : DevilScreaM Date : 15 January 2014 Category : Web Applications Vendor : http://sourceforge.net/projects/xampp Version : 3.2.1 Type : PHP Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian Security Indonesian Hacker |...

Joomla Aclassfb Shell Upload

Title : Joomla comaclassfb File Upload Vulnerability Author : DevilScreaM Date : 10 January 2014 Category : Web Applications Vendor : http://www.almondsoft.com Type : PHP Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian Security Indonesian Hacker | Indonesian Exploiter ...

WordPress Theme Amplus - Cross-Site Request Forgery

Title : Wordpress Amplus Themes CSRF File Upload Vulnerability Author : DevilScreaM Date : 11/17/2013 - 17 November 2013 Category : Web Applications Type : PHP Vendor : http://themeforest.net Download : http://themeforest.net/item/amplus-responsive-multilingual-wordpress-theme/ Greetz : 0day-id.c...

Chiangraientersoft HTML Injection

Sites using the Chiangraientersoft code base suffer from a html injection vulnerability that can allow for cross site scripting attacks. Note that this advisory has site-specific information. Exploit Title : Chiangraientersoft HTML Injection Author : DevilScreaM Date : 05/10/2013 Category : Web...

Chiangraientersoft HTML Injection

Exploit Title : Chiangraientersoft HTML Injection Author : DevilScreaM Date : 05/10/2013 Category : Web Applications Vendor : http://chiangraientersoft.com/ Dork inurl:Qread.php?idques= inurl:webboard/Qread.php?idques= Vulnerability : HTML Injection Tested On : Windows 7, Ubuntu Mozila & Chrome...

ArticleSetup - Multiple Vulnerabilities

Exploit Title : ArticleSetup Multiple Vulnerabilities Author : DevilScreaM Date : 21/09/2013 Category : Web Applications Vendor : http://www.articlesetup.com/ Version : 1.0 Dork intext:Powered By Article Marketing Vulnerability : Cross Site Scripting , SQL Injection Tested On : Windows 7, Ubuntu...

ArticleSetup - Multiple Vulnerabilities

ArticleSetup - Multiple Vulnerabilities Exploit Title : ArticleSetup Multiple Vulnerabilities Author : DevilScreaM Date : 21/09/2013 Category : Web Applications Vendor : http://www.articlesetup.com/ Version : 1.0 Dork intext:Powered By Article Marketing Vulnerability : Cross Site Scripting , SQL...

e107 0.7.25_full Cross Site Scripting / Remote File Inclusion

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

PHP Quick Arcade 3.0.21 - Multiple Vulnerabilities

PHP Quick Arcade 3.0.21 - Multiple Vulnerabilities PHP Quick Arcade 3.0.21 Multiple Vulnerabilites ----------------------------------------------------------- Title: PHP-Quick-Arcade 3.0.21 Multiple Vulnerabilites Vendor: http://quickarcade.jcink.com/...

[Full-disclosure] Mozila Thunderbird 1.5 Address Book DoS

Affected: Mozila Thunderbird 1.5 /possibly other versions/ Mozila Thunderbird 1.5 address book allows fields of unlimited size in the address book which leads to a DoS if you import such ldif file POC: create a file.ldif and insert following then import it in address book: n: cn=Test POC by...