7656 matches found
Multiple Vendor TCP Sequence Number Approximation Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/10183/info A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to...
Campsite CMS remote Persistent XSS vulnerability
No description provided by source. Exploit Title: Campsite CMS remote Persistent XSS vulnerability Date: 15th july 2010 Author: D4rk357 Critical:Low Contact:bd4rk357atyahoodotin Software Link:bhttp://www.sourcefabric.org/en/home/web/78/Demo--Documentation.htm?tpl=18 Greetz to:bb0nd,...
SyndeoCMS <= 3.0.01 Persistent XSS
No description provided by source. +---------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : SyndeoCMS = 3.0.01 Persistent XSS Date : 29-03-2012 Author : Ivano Binetti http://ivanobinetti.com Vendor site :...
Olat CMS 7.8.0.1 - Persistent XSS
No description provided by source. Document Title: =============== Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1125 Release Date: ============= 2013-10-27 Vulnerability Laboratory ID VL-ID:...
Facebook for iPhone persistent XSS DoS
No description provided by source. Facebook for iPhone persistent XSS Facebook application for iPhone is not encoding special characters in Notes detail Adding this code in a note will freeze application: scriptvar x = 'x'; while 1 document.write'iframe src=tel:'+x+'/iframe'; x = x + 'x'; /script...
vBshop Multiple Persistent XSS Vulnerabilities
No description provided by source. Exploit Title: vBshop persistent XSS 0day Google Dork: DragonByte Technologies Ltd vbshout Date: 25/3/2012 9:32 PM EST Author: ToiL Software Link: http://www.dragonbyte-tech.com/ Version: all Tested on: all CVE : XSS Greeting from Team Odyessy. Today we will...
Explay CMS <= 2.1 Persistent XSS and CSRF Vulnerability
No description provided by source. ================================== Explay CMS = 2.1 Persistent XSS and CSRF ================================== Discovered by hodik Mail: [email protected] 1. Persistent XSS This CMS has bad anti-XSS filter that cut only some basic vectors. The loginned user can...
SpiceWorks 7.2.00174 - Persistent XSS Vulnerabilities
No description provided by source. Exploit Title: Multiple Stored XSS vulnerabilities in SpiceWorks Ticketing system Date: 12/05/2014 Exploit author: Dolev Farhi @f1nhack Vendor homepage: http://spiceworks.com Software Link: http://download.spiceworks.com/Spiceworks.exe Version: 7.2.00174 Latest...
Joomla JE Awd Song Component Persistent XSS Vulnerability
No description provided by source. Critical Level : HIGH Vendor Url : http://joomlaextensions.co.in/component/awdsong/ Google Dork: inurl:comawdsong Price:$37.00 Author : Sid3^effects aKa HaRi shellc99atyahoo.com special thanks to : r0073r inj3ct0r.com,L0rd...
Micro CMS 1.0 b1 - Persistent XSS Vulnerability
No description provided by source. Title : Micro CMS Persistent Cross-Site Scripting Vulnerability. Author : Veerendra G.G from SecPod Technologies www.secpod.com Vendor : http://www.micro-cms.com/ Advisory : http://secpod.org/blog/?p=135 http://secpod.org/advisories/SECPODMicroCMS.txt Version :...
New-CMS - Multiple Vulnerability
No description provided by source. Multiple Vulnerability in New-CMS Vendor SW: New-CMS Version: 1.08 but possible all versions Vendor URL: www.new-cms.org Tested on: Ubuntu Server 9.10 Category: Webapps/0day Date: 17 Feb 2010 Author: Alberto fulgur Fontanella Author URL: ictsec.wordpress.com...
Edimax AR-7084GA Router CSRF + Persistent XSS Exploit
No description provided by source. ?php / Edimax AR-7084GA Router CSRF + Persistent XSS Exploit Firmware version: 2.9.8.1RUE0.C2A3.7.6.1 Vulnerable page: http://xx.xx.xx.xx/advanced/advnatvirsvr.htm Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co....
vBShout Persistent XSS
No description provided by source. Exploit Title: vBShout persistent XSS 0day Google Dork: DragonByte Technologies Ltd vbshout Date: 21/3/2012 9:00 PM EST Author: ToiL Software Link: http://www.dragonbyte-tech.com/ Version: all Tested on: all CVE : XSS Greeting from Team Odyessy. Today we will...
Pinnacle ShowCenter 1.51 Web Interface Skin Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11232/info The Pinnacle Systems ShowCenter web-based interface is reported prone to a remote denial of service vulnerability. The issue exists due to a lack of sanity checks performed on the Skin parameter of a ShowCenter...
Network Weathermap 0.97a (editor.php) - Persistent XSS
No description provided by source. Network Weathermap 0.97a - Persistent XSS Earlier versions are also possibly vulnerable. INFORMATION Product: Network Weathermap 0.97a Remote-exploit: yes Vendor-URL: http://www.network-weathermap.com/ Discovered by: Daniel Ricardo dos Santos CVE Request -...
XpressEngine 1.4.5.7 Persistent XSS Vulnerability
No description provided by source. Exploit Title: XpressEngine version 1.4.5.7 Persistent XSS Vulnerability Date: 2011.08.08 Author: v0nSch3lling Software Link: http://www.xpressengine.com Version: 1.4.5.7 Tested on: Microsoft Windows XP SP2 Case 1. Memeber ManagementDelete Account - Target :...
ViewGit 0.0.6 - Multiple XSS Vulnerabilities
No description provided by source. Vulnerability Report Author: Matthew R. Bucci [email protected] Date: 18 March, 2013 CVE-2013-2294 Description of Vulnerability: ----------------------------- ViewGit is a git web repository viewer that aims to be easy to set up and upgrade, light on...
socialengine 4.2.2 - Multiple Vulnerabilities
No description provided by source. Social Engine 4.2.2 Multiples Vulnerabilities Earlier versions are also possibly vulnerable. INFORMATION Product: Social Engine 4.2.2 Remote-Exploit: yes Vendor-URL: http://www.socialengine.net/ Discovered by: Tiago Natel de Moura aka i4k Discovered at: 10/04/20...
Axous 1.1.1 - Multiple Vulnerabilities (CSRF - Persistent XSS)
No description provided by source. +-----------------------------------------------------------------------------------------------------------+ Exploit Title : Axous 1.1.1 Multiple Vulnerabilities CSRF - Persistent XSS Date : 30-04-2012 Author : Ivano Binetti http://www.ivanobinetti.com Software...
NovaBoard <= 1.0.1 (message) Persistent XSS Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= NovaBoard = 1.0.1 / XSS Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: NovaBoard $ Version: = 1.0.1 $ File affected: index.php $ Download: http://www.novaboard.net/ Found by Pepelux pepeluxatenye-sec.org...