Operation Aurora - Other Zero-Day Attacks targeting finance and Energy

The infamous Aurora Trojan horse is just one of many attacks launched by the same group of malware authors over the past three years, according to researchers at Symantec. Security researchers with Symantec have issued a report outlining the techniques used by the so-called "Edgewood" hacking...

Pinterest Clone Script - Multiple Vulnerabilities

Pinterest Clone Script - Multiple Vulnerabilities Exploit Title: Pinterestclones Multiple Vulnerabilities Author: DaOne Price: $199.99 Software Link: http://www.pinterestclones.com/ Google Dork: N/A Persistent XSS How to exploit: 1-go to : http://site.com/createusernamen/ 2-Put anything in the...

Pinterest Clone Script - Multiple Vulnerabilities

Exploit Title: Pinterestclones Multiple Vulnerabilities Author: DaOne Price: $199.99 Software Link: http://www.pinterestclones.com/ Google Dork: N/A Persistent XSS How to exploit: 1-go to : http://site.com/createusernamen/ 2-Put anything in the other field Password & E-mail etc... 3-Go to: Add...

WordPress Google Analytics 4.2.4 Cross Site Scripting

Title: ====== Google Analytics v4.2.4 Wordpress - Web Vulnerabilities Date: ===== 2012-08-22 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=692 VL-ID: ===== 692 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ============= Th...

eFront Educational v3.6.11 - Multiple Web Vulnerabilities

Title: ====== eFront Educational v3.6.11 - Multiple Web Vulnerabilities Date: ===== 2012-08-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=666 VL-ID: ===== 666 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...

Interspire Email Marketer v6.0.1 Multiple Vulnerabilites

Exploit for php platform in category web applications Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites Details: ======== 1.1 A SQL Injection vulnerability is detected in the Interspire Email Marketer v6.0.1, Email Marketing Software. The vulnerability allows an attacker remote or local...

Group-Office Calendar SQL Injection

Title: ====== eFront Educational v3.6.11 - Multiple Web Vulnerabilities Date: ===== 2012-08-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=666 VL-ID: ===== 666 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...

Clipster Video - Persistent Cross-Site Scripting

Clipster Video - Persistent Cross-Site Scripting Exploit Title: Clipster Video Persistent XSS Vulnerability Date: 04/09/2012 Author: DaOne Software Link: http://www.clipsterscript.com/ Google Dork: "Powered by ClipsterScript.com" How to exploit: 1-go to : http://site.com/login.php?action=Register...

Clipster Video - Persistent Cross-Site Scripting

Exploit Title: Clipster Video Persistent XSS Vulnerability Date: 04/09/2012 Author: DaOne Software Link: http://www.clipsterscript.com/ Google Dork: "Powered by ClipsterScript.com" How to exploit: 1-go to : http://site.com/login.php?action=Register 2-Put in the Username field the XSS Code =...

Clipster Video Persistent XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: Clipster Video Persistent XSS Vulnerability Author: DaOne Price: $24 Software Link: http://www.clipsterscript.com/ Google Dork: "Powered by ClipsterScript.com" How to exploit: 1-go to : http://site.com/login.php?action=Register...

eFront Educational 3.6.11 Cross Site Scripting

Title: ====== eFront Educational v3.6.11 - Multiple Web Vulnerabilities Date: ===== 2012-08-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=666 VL-ID: ===== 666 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...

Barracuda Web Filter 910 5.0.015 Cross Site Scripting

Title: ====== Barracuda Web Filter 910 5.0.015 - Multiple Vulnerabilities Date: ===== 2012-08-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=570 Barracuda Networks Security ID: BNSEC-279/BNYF-5533 VL-ID: ===== 570 Common Vulnerability Scoring System:...

eFront Enterprise 3.6.11 Cross Site Scripting

Title: ====== eFront Enterprise v3.6.11 - Multiple Web Vulnerabilities Date: ===== 2012-08-06 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=668 VL-ID: ===== 668 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...

Social Engine v4.2.5 - Multiple Web Vulnerabilities

Title: ====== Social Engine v4.2.5 - Multiple Web Vulnerabilities Date: ===== 2012-07-31 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=672 VL-ID: ===== 672 Common Vulnerability Scoring System: ==================================== 3 Abstract: ========= A Laboratory...

SonicWall PolicyManager Module - Cross Site Vulnerability

Document Title: =============== SonicWall PolicyManager Module - Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=529 Release Date: ============= 2012-09-01 Vulnerability Laboratory ID VL-ID: ==================================== 5...

SugarCRM Community Edition 6.5.2 (Build 8410) - Multiple Vulnerabilities

SugarCRM Community Edition 6.5.2 Build 8410 multiple vulnerabilities Brendan Coles http://itsecuritysolutions.org/ 2012-07-26 There are multiple security vulnerabilities in SugarCRM Community Edition 6.5.2 Build 8410 which may allow an attacker to take control of the software. Version: 6.5.2 Buil...

Eventy CMS v1.8 Plus Multiple Vulnerabilities

Exploit for php platform in category web applications Eventy CMS v1.8 Plus - Multiple Web Vulnerablities Introduction: ============= Publish Your Events In Online Calendar. Eventy Is Beautiful And Easy To Use Web Based Event Calendar Software Publish events like parties, courses, meetings,...

WordPress Count per Day Plugin 'note' Parameter Persistent XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

Fortigate UTM WAF Appliance - Multiple Vulnerabilities

Document Title: =============== Fortigate UTM WAF Appliance - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=557 Release Date: ============= 2012-08-28 Vulnerability Laboratory ID VL-ID: ==================================== 557...

Hijacking Servers Remotely with Hikit advanced persistent threat

Security researchers have revealed the existence of an advanced persistent threat that has been making the rounds since April 2011. Backdoor.Hikit is a dangerous backdoor Trojan that will damage infected system and files. Usually, Backdoor. Hikit will open backdoor to allow remote attackers to...