14 matches found
TeamPass 2.1.24 - Multiple Vulnerabilities
TeamPass 2.1.24 - Multiple Vulnerabilities Affected Product: TeamPass Vulnerability Type: Multiple XSS,CSRF, SQL injections Fixed in Version: 2.1.25 https://github.com/nilsteampassnet/TeamPass/releases/tag/2.1.25.0 Vendor Website: http://www.teampass.net Software Link: :...
AneCMS 1.3 Persistant XSS Vulnerability
No description provided by source. Exploit Title: AneCMS 1.3 Persistant XSS Date: 17.1.2011 Author: Penguin Visit: www.null-sector.info Software Link: http://anecms.com/anecms.zip Version: 1.3 Tested on: Linux I Vulnerability ---------------------- You can add blogpost comments that does not get...
Vanilla FirstLastNames 1.3.2 Plugin Persistant XSS
No description provided by source. Title: Vanilla FirstLastNames 1.3.2 Plugin Persistant XSS Vulnerability Date: 18/5/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 + FirstLastNames 1.3.2...
e107 Persistant XSS vulnerability
Exploit for php platform in category web applications Exploit Title: E107 CMS Persistant XSS vulnerability Google Dork: "intitle:e107 powered website" | inurl:e107admin | ... Date: 18/02/2013 Exploit Author: Zyklon B Vendor Homepage: http://e107.org/ Software Link:...
SchoolCMS Cross Site Scripting
Title: SchoolCMS Persistant XSS. Date: 03/12/12 Author: VipVince Vendor: www.poweritschools.com Google Dork: /oldcore/cal/eventform.php Tested on: Windows. This is a Persistant XSS used in the software by many schools. About 225 results 0.21 seconds The vulnerability lies in the eventform.php fil...
Vanilla Forums About Me Plugin - Persistent Cross-Site Scripting
Vanilla Forums About Me Plugin - Persistent Cross-Site Scripting Title: Vanilla About Me Plugin Persistant XSS Vulnerability Date: 18/5/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 + About Me 1.1.1...
Vanilla Forums About Me Plugin Persistant XSS
Exploit for php platform in category web applications Title: Vanilla About Me Plugin Persistant XSS Vulnerability Date: 18/5/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 + About Me 1.1.1...
Achievo 1.4.3 Cross Site Scripting / SQL Injection
Title: ====== Achievo v1.4.3 - Multiple Web Vulnerabilities Date: ===== 2012-01-30 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=403 VL-ID: ===== 403 Introduction: ============= Achievo is a flexible web-based resource management tool for business environments. Achiev...
Achievo 1.4.3 - Multiple Web Vulnerabilities
Title: ====== Achievo v1.4.3 - Multiple Web Vulnerabilities Date: ===== 2012-01-30 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=403 VL-ID: ===== 403 Introduction: ============= Achievo is a flexible web-based resource management tool for business environments. Achiev...
bitweaver 2.8.1 Persistant XSS / SQL Injection Vulnerability
Exploit for php platform in category web applications author: lemlajt software : bitweaver @ sourceforge.net version: 2.8.1 tested on: linux cve : PoC : 1. submit an article POST http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/articles/edit.php form-data;...
SiteXCMS 080 build 522 Multiple Vulnerabilities
Exploit for php platform in category web applications author: lemlajt software : SiteXCMS @ sourceforge.net version: 080 build 522 tested on: linux cve : = PoC : html injection = http://localhost/www/cmsadmins/SiteXCMS080build522/calendar.php?sxMonth=1&sxYear=test = Poc : xss =...
Joomla 1.5.15 Persistant XSS Vulnerability
Exploit for unknown platform in category web applications ========================================== Joomla 1.5.15 Persistant XSS Vulnerability ========================================== prog ------------- Joomla 1.5.15 vuln ------------- Persistant XSS in 'Author Alias' source -------------...
oBlog Persistant XSS CSRF Admin Bruteforce
No description provided by source. ------------------------------------------------------------------------------------------------- Application: oBlog Version: the only one there is : Download: http://www.dootzky.com/images/projects/oBlog.zip Author of this full disclosure: Milos Zivanovic...
Nullsoft ShoutcastServer Persistant XSS - 0day
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +--------------------------------------- - -- - | SaMuschie Research Labs proudly presents . . . +------------------------------------------- -- - - | Application: Nullsoft ShoutcastServer | Version: 1.9.7/Win32 other versions/platforms not tested |...