vanilla kpoll plugin 1.2 - Persistent Cross-Site Scripting

vanilla kpoll plugin 1.2 - Persistent Cross-Site Scripting Title: Vanilla kPoll 1.2 Stored XSS Date: 5/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 + Vanilla kPoll 1.2 http://vanillaforums.org/download...

vanilla kpoll plugin 1.2 - Persistent Cross-Site Scripting

Title: Vanilla kPoll 1.2 Stored XSS Date: 5/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 + Vanilla kPoll 1.2 http://vanillaforums.org/download http://vanillaforums.org/addon/kpoll-plugin To Create the XSS go to this lin...

Jobs Portal v3.0 NetArtMedia - Multiple Web Vulnerabilities

Document Title: =============== Jobs Portal v3.0 NetArtMedia - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=595 Release Date: ============= 2012-06-05 Vulnerability Laboratory ID VL-ID: ====================================...

Hexamail Server 4.4.5 - Persistent Cross-Site Scripting

Hexamail Server 4.4.5 - Persistent Cross-Site Scripting Title: Hexamail Server meal.txt XSS pop up alert'Hi, what is this?'; root@bt:/ Send email to the victim: root@bt:/ sendemail -f [email protected] -t [email protected] -xu [email protected] \ -xp bob123 -u "Want some meal..?" -o...

Hexamail Server 4.4.5 - Persistent Cross-Site Scripting

Title: Hexamail Server meal.txt XSS pop up alert'Hi, what is this?'; root@bt:/ Send email to the victim: root@bt:/ sendemail -f [email protected] -t [email protected] -xu [email protected] \ -xp bob123 -u "Want some meal..?" -o message-file=meal.txt -s mail.example.com Vendor time...

Hexamail Server <= 4.4.5 Persistent XSS Vulnerability

Exploit for windows platform in category web applications Title: Hexamail Server meal.txt XSS pop up alert'Hi, what is this?'; email protected:/ Send email to the victim: email protected:/ sendemail -f email protected -t email protected -xu email protected \ -xp...

Vanilla Forums 2.0.18.4 - Tagging Persistent Cross-Site Scripting

Vanilla Forums 2.0.18.4 - Tagging Persistent Cross-Site Scripting Title: Vanilla Tagging Stored XSS Date: 1/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 http://vanillaforums.org/download Create a new thread and post you...

Squirrelcart Cart Shop v3.3.4 - Multiple Web Vulnerabilities

Document Title: =============== Squirrelcart Cart Shop v3.3.4 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=592 Release Date: ============= 2012-06-03 Vulnerability Laboratory ID VL-ID: ===================================...

Vanilla Forums 2.0.18.4 - Tagging Persistent Cross-Site Scripting

Title: Vanilla Tagging Stored XSS Date: 1/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 http://vanillaforums.org/download Create a new thread and post your XSS as tag. I used alert'xss' You will have to use a proxy /...

Interspire Shopping Cart v6 - Multiple Web Vulnerabilities

Document Title: =============== Interspire Shopping Cart v6 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=593 Release Date: ============= 2012-06-02 Vulnerability Laboratory ID VL-ID: ====================================...

Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Persistent Cross-Site Scripting

Title: Vanilla Tagging Enchanced 1.0.1 Stored XSS Date: 1/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 + Tagging Enhanced plugin 1.0.1 http://vanillaforums.org/download http://vanillaforums.org/addon/tagging-plugin This...

Interspire Shopping Cart v6 - Multiple Web Vulnerabilities

Document Title: =============== Interspire Shopping Cart v6 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=593 Release Date: ============= 2012-06-02 Vulnerability Laboratory ID VL-ID: ====================================...

iScripts EasyCreate CMS v2.0 - Multiple Web Vulnerabilities

Document Title: =============== iScripts EasyCreate CMS v2.0 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=588 Release Date: ============= 2012-06-01 Vulnerability Laboratory ID VL-ID: ====================================...

IXESHE Malware Avoids Easy Detection to Remain a Persistent Threat

Trend Micro today issued a report on an advanced persistent threat that uses stealthy data-stealing malware called IXESHE “i-sushi” to infect machines. So far it’s hit East Asian governments, Taiwanese electronics manufacturers and German telecommunications firms operating across Asia. Though the...

Syneto UTM WAF v1.5.1 - Multiple Web Vulnerabilities

Document Title: =============== Syneto UTM WAF v1.5.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=586 Release Date: ============= 2012-05-30 Vulnerability Laboratory ID VL-ID: ==================================== 586...

Syneto UTM WAF v1.5.1 - Multiple Web Vulnerabilities

Document Title: =============== Syneto UTM WAF v1.5.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=586 Release Date: ============= 2012-05-30 Vulnerability Laboratory ID VL-ID: ==================================== 586...

DHS To Critical Infrastructure Owners: Hold On To Data After Cyber Attack

The Department of Homeland Security Is Offering Organizations That Use Industrial Control Systems advice or mitigating the effects of cyber attacks. Among the agency’s recommendations: hold on to data from infected systems and prevent enemies from moving within your organization. DHS’s Industrial...

PHP Volunteer Management System 1.0.2 Cross Site Scripting / Shell Upload

Exploit Title: PHP Volunteer Management System v 1.0.2 Multiple Vulnerabilities Date: 05/28/12 Author: Ashoo Mail: [email protected] Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Tested on: IIS6.0-Windows 2003 ToC 1.0 Introduction 2.0 Unrestricted File Upload 3...

PHP Volunteer Management System 1.0.2 - Multiple Vulnerabilities

PHP Volunteer Management System 1.0.2 - Multiple Vulnerabilities Exploit Title: PHP Volunteer Management System v 1.0.2 Multiple Vulnerabilities Date: 05/28/12 Author: Ashoo Mail: [email protected] Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Tested on:...

PHP Volunteer Management System v 1.0.2 Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: PHP Volunteer Management System v 1.0.2 Multiple Vulnerabilities Date: 05/28/12 Author: Ashoo Mail: email protected Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Tested on: IIS6.0-Windows 2003 ToC...