Chaturbate: Passive stored XSS at broadcast room

The hacker found that a specially crafted app names could insert a small amount of data into an A tag's href in the "Broadcaster is running these apps: " chat text. Because of the character limit this required multiple successive clicks on different app names, and in the example utilised the room...

Shopify: Stored passive XSS at scheduled posts (kitcrm.com)

Hello! There is improper filtration of the website link field of scheduled post. Attacker can intercept the scheduled post creation/modifying request and change it content the following way: http POST /pages/175422/manualposts/31163 HTTP/1.1 Host: kitcrm.com...

powermovielist 0.14b (sql/xss) Multiple Vulnerabilities

No description provided by source. =============================================================================================== Found : brainpillow Dork : PowerMovieList 0.14 Beta Copyright Visit : brainpillow.cc, forum.antichat.ru, raz0r.name Mail : [email protected]...

k-links directory (sql/xss) Multiple Vulnerabilities

No description provided by source. ================================================================================ || K-Links Directory SQL-INJECTION, XSS ================================================================================ Application: K-Links Directory ------------ Website:...

PowerMovieList 0.14b (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. =============================================================================================== Found : brainpillow Dork : "PowerMovieList 0.14 Beta Copyright" Visit : brainpillow.cc, forum.antichat.ru, raz0r.name Mail : [email protected]...

powermovielist 0.14b - SQL Injection Cross-Site Scripting

powermovielist 0.14b - SQL Injection Cross-Site Scripting =============================================================================================== Found : brainpillow Dork : "PowerMovieList 0.14 Beta Copyright" Visit : brainpillow.cc, forum.antichat.ru, raz0r.name Mail :...

powermovielist 0.14b - SQL Injection / Cross-Site Scripting

=============================================================================================== Found : brainpillow Dork : "PowerMovieList 0.14 Beta Copyright" Visit : brainpillow.cc, forum.antichat.ru, raz0r.name Mail : [email protected]...

K-Rate (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. ================================================================================ || K-Rate SQL-INJECTION, XSS ================================================================================ Application: K-Rate ------------ Website: http://turn-k.net/k-rate...

k-rate - SQL Injection Cross-Site Scripting

k-rate - SQL Injection Cross-Site Scripting ================================================================================ || K-Rate SQL-INJECTION, XSS ================================================================================ Application: K-Rate ------------ Website:...

k-links directory - SQL Injection Cross-Site Scripting

k-links directory - SQL Injection Cross-Site Scripting ================================================================================ || K-Links Directory SQL-INJECTION, XSS ================================================================================ Application: K-Links Directory...