BSI Advance Hotel Booking System 2.0 Cross Site Scripting

Exploit Title:BSI Advance Hotel Booking System Persistent XSS Google Dork: intext:Hotel Booking System v2.0 © 2008 - 2012 Copyright Best Soft Inc Date: Wed Jun 4 2014 Exploit Author: Angelo Ruwantha Vendor Homepage: http://www.bestsoftinc.com Software Link:...

PayPal Inc BB #74 - Persistent Core Backend Vulnerability

Document Title: =============== PayPal Inc BB 74 - Persistent Core Backend Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1278 PayPal Inc Security UID: cDc49dT Vulnerability Magazine Article:...

IPSwitch IMail Server WEB client 12.4 - Persistent Cross-Site Scripting

IPSwitch IMail Server WEB client 12.4 - Persistent Cross-Site Scripting Exploit Title: IPSwitch IMail Server WEB client 12.4 persistent XSS Google Dork: Date: 3 june 2014 Exploit Author: Peru GoSecure! Vendor Homepage: www.ipswitch.com Software Link: http://www.imailserver.com/try/ Version: Teste...

IPSwitch IMail Server WEB client 12.4 - Persistent Cross-Site Scripting

Exploit Title: IPSwitch IMail Server WEB client 12.4 persistent XSS Google Dork: Date: 3 june 2014 Exploit Author: Peru GoSecure! Vendor Homepage: www.ipswitch.com Software Link: http://www.imailserver.com/try/ Version: Tested on 12.3 and 12.4 before 12.4.1.15 Tested on: WindowsServer2008R2 STD S...

Latest Kali Linux 1.0.7 Offers Persistent Encrypted Partition on USB Stick

There is a good news for all Security researchers, Penetration testers and Hackers. The developers of one of the most advance open source operating system for penetration testing, 'KALI Linux' have announced yesterday the release of its latest version of Kali Linux 1.0.7 with some interesting...

CyberLink Power2Go Essential 9.0.1002.0 Overflow

!/usr/bin/perl Exploit Title: CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow Discovery date: 11-26-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software/Version: CyberLink Power2Go 9 Essential 9.0.1002.0 Vendor Site: http://www.cyberlink.com...

BarracudaDrive 6.7.2 Cross Site Scripting

Exploit Title : BarracudaDrive Content Management System Multiple XSS Vulnerabilities Author : Manish Kishan Tanwar Vendor : http://barracudadrive.com Software : BarracudaDrive 6.7.2 Date : 15/05/2014 Discovered At : IndiShell LAB indishell.in aka indian cyber army Love to : zero cool,Team...

Multiple Stored XSS in FOG Image deployment system - FD

Vulnerability title: Multiple Stored Cross-Site scripting CVE: CVE-2014-3111 Vendor: FOG Project Product: FOG Imaging system Affected version: 0.27 – 0.32latest Fixed version: N/A Reported by: Dolev Farhi ---------------------------- VULNERABILITY Details: ---------------------------- Latest and...

PayPal Filter Bypass

Document Title: =============== Paypal Inc Bug Bounty 109 MOS - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1050 PayPal Security UID: Pq115cey Release Date: ============= 2014-05-14 Vulnerability Laboratory ID VL-ID:...

GetSimple CMS 3.3.1 Cross Site Scripting

PoC for XSS bugs in the admin console of GetSimple CMS 3.3.1 CVE-2014-1603 by Pedro Ribeiro [email protected] from Agile Information Security Timeline: 04/11/2013 - Found bugs, produced proof of concept. 05/11/2013 - Communicated to the developer, which acknowledged receipt. 10/01/2014 - Politely...

Paypal BBP #109 MOS - Bypass & Persistent Vulnerability

Document Title: =============== Paypal BBP 109 MOS - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1050 PayPal Security UID: Pq115cey Video: http://www.vulnerability-lab.com/getcontent.php?id=1273 Video Demonstration:...

SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting

SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting Exploit Title: Multiple Stored XSS vulnerabilities in SpiceWorks Ticketing system Date: 12/05/2014 Exploit author: Dolev Farhi @f1nhack Vendor homepage: http://spiceworks.com Software Link: http://download.spiceworks.com/Spiceworks.exe Versio...

Paypal BBP #109 MOS - Bypass & Persistent Vulnerability

Document Title: =============== Paypal BBP 109 MOS - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1050 PayPal Security UID: Pq115cey Video: http://www.vulnerability-lab.com/getcontent.php?id=1273 Video Demonstration:...

Openfiler 2.99.1 Cross Site Scripting Vulnerability

Openfiler version 2.99.1 suffers from multiple persistent cross site scripting vulnerabilities. Exploit Title: Multiple persistent XSS in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5....

OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities

Exploit Title: Multiple persistent XSS in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5.14 Software Description ===================== Openfiler is a network storage operating system...

InvisionPower CMS Links To Titles 3.0 Cross Site Scripting

InvisionPower cms Links to Titles utility Presistent XSS =========================================== Author: UmPire Version: 3.0 Full details for version 3.1 patch is not mentioned. It's suspicious to affect all versions. Vendor URL: http://invisionpower.com Product URL:...

Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue

Document Title: =============== Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1256 Video: http://www.vulnerability-lab.com/getcontent.php?id=1257 Release Dat...

SEC Consult SA-20140430-0 :: SQL injection and persistent XSS in the Typo3 3rd party extension si_bibtex

SEC Consult Vulnerability Lab Security Advisory 20140430-0 ======================================================================= title: SQL injection and persistent XSS product: Typo3 3rd party extension sibibtex vulnerable version: sibibtex 0.2.3 fixed version: - impact: critical homepage:...

AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability

Document Title: =============== AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1252 Release Date: ============= 2014-04-08 Vulnerability Laboratory ID VL-ID:...

BVS Site 4.0.1 / 5.2.1 Cross Site Scripting

Persistent Cross Site Scripting on BVS Site + Date: 02/05/2014 + Risk: HIGH + Author: Felipe Andrian Peixoto + Vendor Homepage: http://trac.reddes.bvsalud.org/projects/bvs-site/wiki/Downloads + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File: index.php + Dork...