1502 matches found
Victory FTP Server 5.0 - Denial of Service
!/usr/bin/python xxx xxx xxxxxxxxxxx xxxxxxxxxxx xxxxxxxxxxx xxx xxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxx xxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxxxx xxx xxx xxx xxx xxx xxx xxxxxx xxx xxx xxx xxx xxx xxx xxx xxxxxxxx xxxxxxxx xxxxxxxxx xxxxxx xxx xxx xxx xxx xxx xxx xx xx xx xx ...
Unfixed XSS vulnerability at www.esof2010.org
Security researcher BlackhatDBL, has submitted on 25/01/2011 a cross-site-scripting XSS vulnerability affecting www.esof2010.org, which at the time of submission ranked 3557921 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/12/2011. It is...
Apple iPhone Safari JS Crash Exploit
Apple iPhone 3 Safari JavaScript - dot / '.' Remote Crash . = '$string'; "; iffileputcontents"./crash.html", $code echo"Point your safari mobile browser to crash.html.\r\n"; else echo"Cannot create file.\r\n"; ?...
Ero Auktion v2010 (item.php) SQL Injection Vulnerability
Exploit for php platform in category web applications +Name : Eroauktion 2010 www.cyber-warrior.org +Greetz to All Cyber-Warrior Members --------------------------------------------------------------------------------------- Kah çıkarım gökyüzüne seyrederim alemi kah inerim yeryüzüne...
OneOrZero AIMS 2.6.0 Members Edition Local File Inclusion / SQL Injection
Exploit Title: OneOrZero AIMS v2.6.0 Members Edition Multiple Vulnerabilities Date: 13.11.2010 Author: Valentin Category: webapps/0day Version: 2.6.0 Tested on: CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: General Information Advisory/Exploit Titl...
Unfixed XSS vulnerability at www.mysterytwisterc3.org
Security researcher watt, has submitted on 17/10/2010 a cross-site-scripting XSS vulnerability affecting www.mysterytwisterc3.org, which at the time of submission ranked 3741290 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/12/2011. It is...
Security fix for the ALT Linux 5 package kdegraphics version 3.5.10-alt6
Oct. 14, 2010 Sergey V Turchin 3.5.10-alt6 - CVE-2010-3702 CVE-2010-3704 ALT24295...
Survey Scam Offers False Shelter From Surveys
Scammers are offering prospective marks an application that supposedly shields them from exposure to survey scams. Naturally, you first have to fill in a survey to install the script, which is punted through Userscriptsdotorg. Read the full article. The Register...
Unfixed XSS vulnerability at d66.org
Security researcher PaPPy, has submitted on 08/07/2010 a cross-site-scripting XSS vulnerability affecting d66.org, which at the time of submission ranked 19094644 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2010. It is currently...
Zylone IT - Multiple Blind SQL Injections
Exploit Title: Zylone IT Multiple Blind SQL Injection Vulnerability Date: 2010-07-08 Author: Callo Software Link: http://www.zylone.com/ Version: Unknown Tested on: php 10101010101010101010101010101010101010101010101010101010101010101010101010101010 0 1 1 Title: Zylone IT Multiple Blind SQL...
Joomla Sef Remote File Inclusion
========================================================== Joomla Component comsef RFI =========================================================== WWw.HaCkTeacH.oRg/cc +===================================================================================+ ?Joomla Component comsef RFI...
PTCPay GEN4 - 'buyupg.php' SQL Injection
===================================================== PTCPay GEN4 buyupg.php SQL Injection Vulnerability ===================================================== Exploit Title: Date: 28.06.2010 Author: Dark.Man [email protected] Thanks To: Diq3N , SkyTurk , ByHuCRe , HeuRiSTiC , th3spy , 3KStyL3 ...
Unfixed XSS vulnerability at www.nevada211.org
Security researcher Prashant Uniyal, has submitted on 27/06/2010 a cross-site-scripting XSS vulnerability affecting www.nevada211.org, which at the time of submission ranked 4271151 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 28/06/2010. It...
Membership Site Script SQL Injection Vulnerability
http://localhost/membershipscript/login.php submit=1&email protectedSQL&password=123456 Authentication Bypass : http://localhost/membershipscript/login.php Username: email protected 'or''=' Password: empty ================================================== Membership Site Script SQL Injection...
Joomla Percha Gallery 1.6 Beta Local File Inclusion
==================================================================================================================== o Joomla Component Percha Gallery Local File Inclusion Vulnerability Software : comperchagallery version 1.6 Beta Vendor : http://www.percha.com/ Author : AntiSecurity NoGe Vrs-hCk...
Vbulletin - Two-Step External Link XSS
Vendor: vBulletin Affected versions: 3.7.x - 3.8.x Mod: Two-Step External Link URL: http://www.vbulletin.org/forum/showthread.php?t=217708 Vulnerability type: XSS Risk rating: Medium Exploit http://FORUM/externalredirect.php?url=XSS Bug File: externalredirect.php line 35 Code: $url =...
Joomla Component Realtyna Translator Local File Inclusion Vulnerability
No description provided by source. ============================================================================================================== o Joomla Component Realtyna Translator Local File Inclusion Vulnerability Software : comrealtyna version 1.0.15 Vendor : http://software.realtyna.com/...
Unfixed XSS vulnerability at www.concrete5.org
Security researcher hanicker, has submitted on 20/03/2010 a cross-site-scripting XSS vulnerability affecting www.concrete5.org, which at the time of submission ranked 20696 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is...
Joomla Org SQL Injection
Joomla comorg SQL Injection Vulnerability \\\\\\\\\\\\\\N2n-Hacker - [email protected]//////////////////////////// = Dork = inurl:"option=comorg" ------------------------------------------------------------------------------- EXp :...
Domains Using .Org to Have Tighter Security
The Public Interest Registry will add an extra layer of security known as DNS Security Extensions DNSSEC to the .org domain in June — a move that will protect millions of non-profit organizations and their donors from hacking attacks known as cache poisoning. Read the full article. Network World...