7596 matches found
vBSEO 3.5.2 & 3.2.2 - Persistent XSS via LinkBacks
Exploit for php platform in category web applications Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully supported solution. A full package of SEO enhancement...
vBSEO 3.2.23.5.2 - Persistent Cross-Site Scripting via LinkBacks
vBSEO 3.2.23.5.2 - Persistent Cross-Site Scripting via LinkBacks vBSEO - Persistent XSS via LinkBacks http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/ Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on t...
vBSEO 3.2.2/3.5.2 - Persistent Cross-Site Scripting via LinkBacks
vBSEO - Persistent XSS via LinkBacks http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/ Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully support...
vBSEO Sitemap 2.5/3.0 - Multiple Vulnerabilities
vBSEO Sitemap - Multiple Vulnerabilities Versions Affected: 2.5 and 3.0 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully supported solution. A full package of SEO enhancements, one install,...
Sophisticated Attackers Now Using Social Net For Command and Control
Spammers aren’t the only ones who have figured out that social networks like Twitter and Facebook are good for business. Sophisticated hackers conducting targeted attacks are also using the networks as a tool to manage malware installations on victims’ networks, according to a new report from...
Smart core system multi-program through persistent XSS and fixes-vulnerability warning-the black bar safety net
Author: B0mbErM@n Program: Version: security2.5.0the governmentv2. 8. 0school2.5.0business3.7.2 and previous versions Environment: XP&IE6&Firefox/3.6.13 Vulnerability discovery:2010-01-15 Notification-vendor:2010-01-16 Lasting - XSS,background browsing of the triggerXSSstatement XSS E-mail:"XSS F...
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability (CVE-2010-4331)
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user...
AneCMS 1.3 - Persistent Cross-Site Scripting
AneCMS 1.3 - Persistent Cross-Site Scripting Exploit Title: AneCMS 1.3 Persistant XSS Date: 17.1.2011 Author: Penguin Visit: www.null-sector.info Software Link: http://anecms.com/anecms.zip Version: 1.3 Tested on: Linux I Vulnerability ---------------------- You can add blogpost comments that doe...
Seo Panel 2.2.0 Cookie-Rendered Persistent XSS Vulnerability
Exploit for php platform in category web applications 'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - email protected I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered,...
AneCMS 1.3 Cross Site Scripting
Exploit Title: AneCMS 1.3 Persistant XSS Date: 17.1.2011 Author: Penguin Visit: www.null-sector.info Software Link: http://anecms.com/anecms.zip Version: 1.3 Tested on: Linux I Vulnerability ---------------------- You can add blogpost comments that does not get filtered for HTML-Code. Simply add ...
AneCMS 1.3 - Persistent Cross-Site Scripting
Exploit Title: AneCMS 1.3 Persistant XSS Date: 17.1.2011 Author: Penguin Visit: www.null-sector.info Software Link: http://anecms.com/anecms.zip Version: 1.3 Tested on: Linux I Vulnerability ---------------------- You can add blogpost comments that does not get filtered for HTML-Code. Simply add ...
Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user...
Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting
Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting 'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allo...
glfusion CMS 1.2.1 - img Persistent Cross-Site Scripting
glfusion CMS 1.2.1 - img Persistent Cross-Site Scripting Exploit Title: glfusion CMS 1.2.1 stored XSS via img tag Date: 14-1-2010 Author: Saif El-Sherei Software Link: www.glfusion.org/filemgmt/viewcat.php?cid=1 Version: 1.2.1 Tested on: Firefox 3.0.15 Info: glFusion gives you the ability to easi...
Seo Panel 2.2.0 Cross Site Scripting
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user...
glfusion CMS 1.2.1 - 'img' Persistent Cross-Site Scripting
Exploit Title: glfusion CMS 1.2.1 stored XSS via img tag Date: 14-1-2010 Author: Saif El-Sherei Software Link: www.glfusion.org/filemgmt/viewcat.php?cid=1 Version: 1.2.1 Tested on: Firefox 3.0.15 Info: glFusion gives you the ability to easily create websites and online communities complete with...
ObjectivityDB - Lack of Authentication
ObjectivityDB - Lack of Authentication !/usr/bin/python obj.py Objectivity/DB Lack of Authentication Remote Exploit Jeremy Brown 0xjbrown41-gmail-com Jan 2011 "Objectivity, Inc. is a leader in distributed, scalable database technology. Our patented data management engine and persistent object sto...
CGI Generic XSS (persistent, 2nd pass)
The remote web server hosts one or more CGI scripts that fail to adequately sanitize request strings containing malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the...
LifeType 1.2.10 - HTTP Referer Persistent Cross-Site Scripting
Exploit Title: lifetype 1.2.10 http referer XSS Date: 11-1-2010 Author: Saif El-Sherei Software Link: http://lifetype.net/page/downloads Version: 1.2.10 Tested on: firefox 3.0.15 failure to sanitize the http referer header in index.php results in a cross site scripting attack against admins or an...
Skadate Multiple Persistent Cross Site Scripting Vulnerabilities (Undisclosed New Vulnerability)
Exploit Title: Skadate Persistent Cross Site Scripting Vulnerability Google Dork: Powered by SkaDate dating Date: 2 January 2011 Author: Akastep Software Link: http://www.skadate.com Version: SkaDate dating software Tested on: nginx/0.7.62 php version: PHP/5.2.14 ----- Exploit: Persistent Cross...