
7585 matches found

Packet Storm
added 2008/07/10 12:00 a.m., 39 views

vbulletin-adminxss.txt

====================================================================== Advisory : XSS in admin logs Release Date : July 06th 2008 Application : vBulletin Version : vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower Platform : PHP Vendor URL : http://www.vbulletin.com/ Authors : Jessica Hop...

7.4 AI score
Exploits: 0
CVE
added 2008/06/16 9:00 p.m., 76 views

CVE-2008-2711

CVE-2008-2711 affects fetchmail versions 6.3.8 and earlier. In verbose log mode, a malformed mail message with long headers can trigger an erroneous dereference during log formatting (vsnprintf), causing a remote denial of service via a crash and resulting persistent mail failure. Connected advis...

4.3 CVSS, 7.2 AI score, 0.03347 EPSS
Exploits: 1, References: 25, Affected Software: 1
securityvulns
added 2008/04/24 12:00 a.m., 74 views

PR07-44: XSS on RSA Authentication Agent login page

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PR07-44: XSS on RSA Authentication Agent login page Vulnerability found: 5th December 2007 Vendor informed: 13th December 2007 Severity: Medium-high Successfully tested on: RSA Authentication Agent 5.3.0.258 for Web for Internet Information Services...

4.3 CVSS, 5.4 AI score, 0.01026 EPSS
Exploits: 4
Packet Storm
added 2008/04/16 12:00 a.m., 26 views

gallarific-xss.txt

Hello, I was looking at the free version of gallarific, and I found some suspicious code in the scopbin directory. Attached is a file I found in the zip I downloaded, in case someone wants to decode it. The package can be downloaded from http://www.gallarific.com/download.php Also, the software...

7.4 AI score
Exploits: 0
Metasploit
added 2008/04/03 9:36 a.m., 44 views

Windows Command Shell, Bind TCP (via Perl)

Listen for a connection and spawn a command shell via perl persistent This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 139 include Msf::Payload::Single include...

7.5 AI score
Exploits: 0
Packet Storm
added 2008/03/19 12:00 a.m., 29 views

eforum-xss.txt

eForum v0.4 - NON-PERSISTENT XSS by Omni 1 Infos --------- Date : 2008-03-05 Product : eForum Version : v 0.4 Vendor : http://www.phpbrasil.com/scripts/script.php/id/169 Vendor Status : 2008-03-18 Not Informed! 2008-03-18 Published! Description : eForum is an easy-to-install discussion board that...

7.4 AI score
Exploits: 0
securityvulns
added 2008/03/09 12:00 a.m., 32 views

F5 BIG-IP Web Management Console XSS

F5 BIG-IP Web Management Console XSS Product: F5 BIG-IP http://www.f5.com/products/big-ip/ The F5 BIG-IP web management interface contains a potentially persistent cross-site scripting vulnerability in the "Console" feature. Output from executed console commands is wrapped in textarea intentional...

0.9 AI score
Exploits: 0
securityvulns
added 2008/02/22 12:00 a.m., 44 views

ZyXEL Gateways Vulnerability Research: http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf

This paper is the result of various security assessments performed on several ZyXEL Prestige devices in both a controlled environment computer lab and production environments during several penetration tests. There are two types of attacks featured in this paper which we believe might be...

0.9 AI score
Exploits: 0
securityvulns
added 2008/02/12 12:00 a.m., 2496 views

Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS

Simple Machines Forum "SMF Shoutbox" Mod 1.16b-1.14 Reference: http://custom.simplemachines.org/mods/index.php?mod=412 Bug: Persistent XSS SMF Shoutbox is a popular shoutbox mod for Simple Machines Forum. The content of a post variable used to hold the user shout is stored in the database and then...

7.1 AI score
Exploits: 0
Prion
added 2008/02/06 12:00 p.m., 11 views

Buffer overflow

Buffer overflow in NeroMediaPlayer.exe in Nero Media Player 1.4.0.35 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (persistent crash) via a long URI in a .M3U file...

9.3 CVSS, 8.3 AI score, 0.11222 EPSS
Exploits: 1, References: 6, Affected Software: 1
securityvulns
added 2008/01/27 12:00 a.m., 35 views

Vulnerabilities in Boundless Source

Hello 3APA3A! I am reporting the Cross-Site Scripting vulnerabilities I found in Boundless Source. XSS: http://site/catalog/index.cgi?search=3Cscript3Ealertdocument.cookie3C/script3E&sparam=all&category=cat20...

6.6 AI score
Exploits: 0
securityvulns
added 2007/12/27 12:00 a.m., 56 views

PHP -> set_time_limit

when safe_mode = on, set_time_limit is "off", then we can use ini_set("max_execution_time", 90000000); suppose the server is vulnerable PHP injection, then an attacker make a backdoor in PHP and register it in SCM of windows with win32service extension. the backdoor need wait for connections, if safe_mode...

0.8 AI score
Exploits: 0
securityvulns
added 2007/12/18 12:00 a.m., 5539 views

XSS vulnerabilities in WP-ContactForm

Hello 3APA3A! I am reporting the Cross-Site Scripting vulnerabilities I found in WP-ContactForm. It is a plugin for WordPress. These vulnerabilities are persistent XSS. Version WP-ContactForm 1.5 alpha of the plugin and earlier versions are vulnerable. I have previously written about vulnerabilities in WP-ContactForm...

5.8 AI score
Exploits: 0
securityvulns
added 2007/12/13 12:00 a.m., 60 views

Bitweaver XSS & SQL Injection Vulnerability

HSC Bitweaver XSS & SQL Injection Vulnerability Bitweaver is an open source content management system. Its speed and power are ideal for large-scale community websites and corporate applications, but it is simple enough for non-technical small site users to set up and administrate. It comes fully...

7 AI score
Exploits: 0
Packet Storm
added 2007/12/10 12:00 a.m., 36 views

bitweaver-sqlxss.txt

HSC Bitweaver XSS & SQL Injection Vulnerability Bitweaver is an open source content management system. Its speed and power are ideal for large-scale community websites and corporate applications, but it is simple enough for non-technical small site users to set up and administrate. It comes fully...

7.4 AI score
Exploits: 0
Packet Storm
added 2007/12/08 12:00 a.m., 21 views

isaa-2007-004.txt

============================================= INTERNET SECURITY AUDITORS ALERT 2007-004 - Original release date: November 7th, 2007 - Last revised: December 7th, 2007 - Discovered by: Jesus Olmos Gonzalez - Severity: 4/5 ============================================= I. VULNERABILITY...

7.4 AI score
Exploits: 0
securityvulns
added 2007/12/07 12:00 a.m., 61 views

[ISecAuditors Security Advisories] wwwstats is vulnerable to Persistent XSS

============================================= INTERNET SECURITY AUDITORS ALERT 2007-004 - Original release date: November 7th, 2007 - Last revised: December 7th, 2007 - Discovered by: Jesus Olmos Gonzalez - Severity: 4/5 ============================================= I. VULNERABILITY...

6.9 AI score
Exploits: 0
securityvulns
added 2007/11/30 12:00 a.m., 33 views

MoBiC-28 Bonus: XSS in Cryptographp

Hello 3APA3A! I am reporting the Cross-Site Scripting vulnerabilities I found in the Cryptographp CAPTCHA. It is a CAPTCHA plugin for WordPress. There are 24 XSS vulnerabilities in total on the plugin's options page http://site/wp-admin/options-general.php?page=cryptographp/admin.php. Moreover, these are persistent XSS vulnerabilities. XS...

5.8 AI score
Exploits: 0
securityvulns
added 2007/11/29 12:00 a.m., 37 views

MoBiC-26 Bonus: XSS in Captcha!

Hello 3APA3A! I am reporting the Cross-Site Scripting vulnerabilities I found in the Captcha! CAPTCHA. It is a CAPTCHA plugin for WordPress. There are 4 XSS vulnerabilities in total on the plugin's options page http://site/wp-admin/options-general.php?page=captchacaptcha.php. Moreover, these are persistent XSS vulnerabilities. XSS:...

0.1 AI score
Exploits: 0
securityvulns
added 2007/11/26 12:00 a.m., 29 views

MoBiC-23 Bonus: XSS in Math Comment Spam Protection

Hello 3APA3A! I am reporting the Cross-Site Scripting vulnerabilities I found in the Math Comment Spam Protection CAPTCHA. It is a CAPTCHA plugin for WordPress. To attack, a CSRF + XSS attack must be carried out for both vulnerabilities. Moreover, these are persistent XSS vulnerabilities. XSS: Exploit 1:...

Exploits: 0