Wolf CMS 0.75 Persistent Cross Site Scripting

+--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Wolfcms al...

Wolfcms <= 0.75 Persistent XSS [2]

Exploit for php platform in category web applications +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Wolfcms = 0.75 new Persistent XSS Date : 26-03-2012 Author : Ivano Binetti...

vBshop - Multiple Persistent Cross-Site Scripting Vulnerabilities

vBshop - Multiple Persistent Cross-Site Scripting Vulnerabilities Exploit Title: vBshop persistent XSS 0day Google Dork: "DragonByte Technologies Ltd" vbshout Date: 25/3/2012 9:32 PM EST Author: ToiL Software Link: http://www.dragonbyte-tech.com/ Version: all Tested on: all CVE : XSS Greeting fro...

vBshop persistent Persisstant XSS

Exploit for php platform in category web applications Exploit Title: vBshop persistent XSS 0day Google Dork: "DragonByte Technologies Ltd" vbshout Date: 25/3/2012 9:32 PM EST Author: ToiL Software Link: http://www.dragonbyte-tech.com/ Version: all Tested on: all CVE : XSS Greeting from Team...

vBshop - Multiple Persistent Cross-Site Scripting Vulnerabilities

Exploit Title: vBshop persistent XSS 0day Google Dork: "DragonByte Technologies Ltd" vbshout Date: 25/3/2012 9:32 PM EST Author: ToiL Software Link: http://www.dragonbyte-tech.com/ Version: all Tested on: all CVE : XSS Greeting from Team Odyessy. Today we will release a 0day for the vBulletin mod...

vBShout Cross Site Scripting

Exploit Title: vBShout persistent XSS 0day Google Dork: "DragonByte Technologies Ltd" vbshout Date: 21/3/2012 9:00 PM EST Author: ToiL Software Link: http://www.dragonbyte-tech.com/ Version: all Tested on: all CVE : XSS Greeting from Team Odyessy. Today we will release a 0day for the vBulletin mo...

vBShout - Persistent Cross-Site Scripting

Exploit Title: vBShout persistent XSS 0day Google Dork: "DragonByte Technologies Ltd" vbshout Date: 21/3/2012 9:00 PM EST Author: ToiL Software Link: http://www.dragonbyte-tech.com/ Version: all Tested on: all CVE : XSS Greeting from Team Odyessy. Today we will release a 0day for the vBulletin mo...

Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities

Title: ====== Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities Date: ===== 2012-03-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=470 VL-ID: ===== 470 Introduction: ============= SysAid IT Enterprise Edition is an IT management solution that includes a suite of...

Kongreg8 1.7.3 Mutiple XSS

Exploit Title: Kongreg8 1.7.3 Mutiple XSS Date: 02/24/12 Author: G13 Software Link: https://sourceforge.net/projects/kongreg8/ Version: 1.7.3 Category: webapps php Vulnerability Kongreg8 1.7.3 has multiple XSS vulnerabilites. These vulnerabilities are in the Add Member and Add Group functions...

Wolf CMS v0.7.5 - Multiple Web Vulnerabilities

Title: ====== Wolf CMS v0.7.5 - Multiple Web Vulnerabilities Date: ===== 2012-02-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=452 VL-ID: ===== 452 Introduction: ============= Wolf CMS is a content management system and is Free Software published under the GNU...

Kayako Fusion Help Desk Cross Site Scripting

Exploit Title: Kayako Fusion Cross Site Scripting Date: 17.03.2012 Author: Sony Software Link: http://www.kayako.com/ Version: all version Google Dorks: inurl:Base/UserRegistration/ or intitle:Powered by Kayako Fusion Help Desk Software Web Browser : Mozilla Firefox Site : http://insecurity.ro Po...

FlexCMS 3.2.1 Cross Site Scripting

Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this code. In the main page of the webiste, there is "Users...

FlexCMS 3.2.1 - Persistent Cross-Site Scripting

FlexCMS 3.2.1 - Persistent Cross-Site Scripting Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this code. In...

Microsoft Bing Flash Editor Cross Site Scripting

Title: ====== Microsoft Bing - Editor Flash Component Vulnerability Date: ===== 2012-03-15 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=449 MSRC ID1: 12173 MSRC ID2: 12227 Credits: http://technet.microsoft.com/en-us/security/cc308589 VL-ID: ===== 449 Introduction:...

FlexCMS 3.2.1 for logged in users XSS

Exploit for php platform in category web applications Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this...

FlexCMS 3.2.1 - Persistent Cross-Site Scripting

Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this code. In the main page of the webiste, there is "Users...

Microsoft Bing - Persistent Web Service Vulnerability

Document Title: =============== Microsoft Bing - Persistent Web Service Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=449 MSRC ID1: 12173 MSRC ID2: 12227 Release Date: ============= 2012-03-14 Vulnerability Laboratory ID VL-ID:...

Max Guestbook 1.0 - Multiple Vulnerabilities

Max Guestbook 1.0 - Multiple Vulnerabilities Exploit Title: Maxs Guestbook Google Dork: "Powered by PHP F1" Date: 14/03/2012 Author: n0tch aka andmuchmore Software Link: http://www.phpf1.com/download.html?dl=18 Version: 1.0 Tested on: Windows 7 / LinuxUbuntu +-- LFI --+...

Max Guestbook 1.0 - Multiple Vulnerabilities

Exploit Title: Maxs Guestbook Google Dork: "Powered by PHP F1" Date: 14/03/2012 Author: n0tch aka andmuchmore Software Link: http://www.phpf1.com/download.html?dl=18 Version: 1.0 Tested on: Windows 7 / LinuxUbuntu +-- LFI --+...

Simple Posting System - Multiple Vulnerabilities

Exploit Title: Simple Posting System Multple Google Dork: inurl:sps.php?old= or inurl:sps.php " Date: 14/03/2012 Author: n0tch aka andmuchmore Software Link: http://realize.be/files/sps.tar.gz Version: 1.0 Final Tested on: Windows 7 / LinuxUbuntu +-- LFI --+...