New-CMS v1.08 Multiple Vulnerability

Exploit for php platform in category web applications ==================================== New-CMS v1.08 Multiple Vulnerability ==================================== Vendor SW: New-CMS Version: 1.08 but possible all versions Vendor URL: www.new-cms.org Tested on: Ubuntu Server 9.10 Category:...

ASPCode CMS <= v1.5.8 Multiple Vulnerabilities

Exploit for asp platform in category web applications ============================================== ASPCode CMS yahoo.it - ictsec.wordpress.com 1 - Multiple XSS Vulnerability http://host/default.asp?sec=1&ma1="alert"XSS"; http://host/default.asp?sec=1&tag="alert"XSS";...

osCommerce 3.0a5 Cross Site Request Forgery / Cross Site Scripting / Local File Inclusion

Multiple Vulnerabilities in osCommerce Vendor SW: osCommerce Version: 3.0a5 but possible all versions Vendor URL: www.oscommerce.com Tested on: Ubuntu Server 9.10 Category: Webapps/0day Date: 30 Apr 2010 Author: Alberto Fontanella Author WEB: ictsec.wordpress.com Author EMAIL: itsicurezzayahoo.it...

New-CMS - Multiple Vulnerabilities

Multiple Vulnerability in New-CMS Vendor SW: New-CMS Version: 1.08 but possible all versions Vendor URL: www.new-cms.org Tested on: Ubuntu Server 9.10 Category: Webapps/0day Date: 17 Feb 2010 Author: Alberto "fulgur" Fontanella Author URL: ictsec.wordpress.com Author EMAIL: itsicurezzayahoo.it 1 ...

osCommerce v3.0a5 Multiple Vulnerabilities

Exploit for php platform in category web applications ========================================== osCommerce v3.0a5 Multiple Vulnerabilities ========================================== Vendor SW: osCommerce Version: 3.0a5 but possible all versions Vendor URL: www.oscommerce.com Tested on: Ubuntu...

ASPCode CMS 1.5.8 - Multiple Vulnerabilities

Multiple Vulnerability in ASPCode CMS Software Version: yahoo.it - ictsec.wordpress.com 1 - Multiple XSS Vulnerability http://host/default.asp?sec=1&ma1="alert"XSS"; http://host/default.asp?sec=1&tag="alert"XSS"; http://host/default.asp?sec=1&ma2="alert"XSS"; XSS found also on Form to reset...

New-CMS - Multiple Vulnerabilities

New-CMS - Multiple Vulnerabilities Multiple Vulnerability in New-CMS Vendor SW: New-CMS Version: 1.08 but possible all versions Vendor URL: www.new-cms.org Tested on: Ubuntu Server 9.10 Category: Webapps/0day Date: 17 Feb 2010 Author: Alberto "fulgur" Fontanella Author URL: ictsec.wordpress.com...

Ning.com Cross Site Scripting

|=================================================================================================| | | | /\ \ /\ \ /\ /\ \ /\ \ /\ \ | | /::\ \ /::\ \ /::| | /\ \ /::\ \ /::\ \ /::\ \ | | /:/:\ \ /:/:\ \ /:|:| | :\ \ /:/:\ \ /:/:\ \ /:/:\ \ | | /:/ :\ \ /:/ :\ \ /:/|:| | /::\ /::\:\ ...

DataLife Engine 6.9 Cross Site Scripting

Hello Bugtraq! I want to warn you about security vulnerability in Referer module for DataLife Engine DLE. ----------------------------- Advisory: Vulnerability in Referer for DataLife Engine ----------------------------- URL: http://websecurity.com.ua/3942/ ----------------------------- Affected...

Edimax AR-7084GA Cross Site Request Forgery / Cross Site Scripting

25 die"One or more of the parts can't be longer then 25 characters!"; $url="http://".$SERVER"SERVERNAME".$SERVER"REQUESTURI"; for$i=1; $i'; die; else $time=$GET"time"; $script=$GET"script"; ? /Forms/advnatvirsvr1" name="VIRTUALSVR...

CVE-2010-1243

The IBM Web Interface for Content Management aka WEBi before 1.0.4 creates persistent cookies on client workstations, which has unspecified impact and attack vectors...

Code injection

The IBM Web Interface for Content Management aka WEBi before 1.0.4 creates persistent cookies on client workstations, which has unspecified impact and attack vectors...

CVE-2010-1243

The IBM Web Interface for Content Management aka WEBi before 1.0.4 creates persistent cookies on client workstations, which has unspecified impact and attack vectors...

Edimax AR-7084GA Router - Cross-Site Request Forgery Persistent Cross-Site Scripting

Edimax AR-7084GA Router - Cross-Site Request Forgery Persistent Cross-Site Scripting 25 die"One or more of the parts can't be longer then 25 characters!"; $url="http://".$SERVER"SERVERNAME".$SERVER"REQUESTURI"; for$i=1; $i'; die; else $time=$GET"time"; $script=$GET"script"; ? /Forms/advnatvirsvr1...

Edimax AR-7084GA Router CSRF + Persistent XSS Exploit

Exploit for hardware platform in category web applications ===================================================== Edimax AR-7084GA Router CSRF + Persistent XSS Exploit ===================================================== 25 die"One or more of the parts can't be longer then 25 characters!";...

Edimax AR-7084GA Router - Cross-Site Request Forgery / Persistent Cross-Site Scripting

25 die"One or more of the parts can't be longer then 25 characters!"; $url="http://".$SERVER"SERVERNAME".$SERVER"REQUESTURI"; for$i=1; $i'; die; else $time=$GET"time"; $script=$GET"script"; ? /Forms/advnatvirsvr1" name="VIRTUALSVRform" input type="hid...

Design/Logic Flaw

The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to bypass access restrictions related to "persistent login," probably due to the generation of predictable cookies based on the IP address and User agent in userslib.php...

CVE-2010-1136

The CVE-2010-1136 issue affects Tiki Wiki CMS/Groupware 3.x up to, but not including, version 3.5. The vulnerability arises in the Standard Remember (persistent login) mechanism, where cookies are generated in a way that is predictable based on the client IP address and User-Agent in userslib.php...

Chilly CMS Cross Site Scripting

======================================================================= chillyCMS Persistent XSS Vulnerability ======================================================================= Vulnerability found in- Admin module email [email protected] company aksitservices Credit by Pratul Agrawal...

Joomla com_easygb presistent XSS Vulnerability

Exploit for unknown platform in category web applications ============================================== Joomla comeasygb presistent XSS Vulnerability ============================================== Joomla comeasygb presistent XSS Vulnerability Author: kazuya Contact: email protected Greetz to...