Comment Crew Exposé a New Level of China Attack Attribution

China has been blamed for cyberattacks on every major industrial base in the United States—and even in some corners for the Super Bowl blackout. But most of it has been rampant speculation coupled with the lacing together of a number of loose ends. Examples of the kind of direct attribution to th...

Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities

Title: ====== Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities Date: ===== 2013-02-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=786 VL-ID: ===== 786 Common Vulnerability Scoring System: ==================================== 5.2 Introduction: ============...

SonicWALL OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities

Title: ====== Sonicwall OEM Scrutinizer v9.5.2 - Multiple Web Vulnerabilities Date: ===== 2013-02-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=786 VL-ID: ===== 786 Common Vulnerability Scoring System: ==================================== 5.2 Introduction:...

Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities

Document Title: =============== Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=786 Release Date: ============= 2013-02-13 Vulnerability Laboratory ID VL-ID: ====================================...

Yahoo.com XSS Persistent + Cookie Exploit

Yahoo XSS persistent +cookie stealer This is private exploit. You can buy it at https://0day.today...

Windows Manage Persistent Payload Installer

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

IP.Gallery 4.2.x and 5.0.x Persistent XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: IP.Gallery 4.2.x and 5.0.x persistent XSS vulnerability image title is vulnerable to persistent XSS vulnerability which allow any normal member to hack any administrator account or any other member account. we contacted the vend...

IP.Gallery 4.2.x/5.0.x - Persistent Cross-Site Scripting

Exploit Title: IP.Gallery 4.2.x and 5.0.x persistent XSS vulnerability Date: 8/2/2013 Exploit Author: Mohamed Ramadan Author HomePage: http://www.Attack-Secure.com Author Twitter : https://twitter.com/AttackSecure Vendor Homepage: http://www.invisionpower.com/ Software Link:...

phpVibe 3.1 Persistent XSS Vulnerability

This exploit allow attackers to inject script code in members list 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS,...

PayPal Cross Site Scripting

Title: ====== PayPal Bug Bounty 26 - Persistent Web Vulnerabilities Date: ===== 2013-01-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=703 PayPal UID: wam19c8kxn VL-ID: ===== 703 Common Vulnerability Scoring System: ==================================== 4.5...

Microsoft Skype Shop Cross Site Scripting

Title: ====== Microsoft Skype Shop - GiftCards Persistent Vulnerability Date: ===== 2013-01-30 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=826 MICROSOFT SECURITY RESPONSE CENTER MSRC ID: 13603 MICROSOFT SECURITY RESPONSE CENTER MSRC MANAGER: CL VL-ID: ===== 826 Comm...

SERENDIPITY-1.7-RC2 Multiple Xss Vulnerability

Serendipity is a PHP-powered weblog application which gives the user an easy way to maintain an online diary, weblog or even a complete homepage. While the default package is designed for the casual blogger, Serendipity offers a flexible, expandable and easy-to-use framework with the power for...

nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities

Title: ====== nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities Date: ===== 2013-01-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=795 nCircle Tracking ID: 20130117-US11337 VL-ID: ===== 795 Common Vulnerability Scoring System:...

D-Link DIR-300 Cross Site Scripting

Requirement 1. HTTPs Access to router 2. Ability to make configuration changes Access vector Remote Impact Persistent XSS / Script execution Vulnerable platform D-Link DIR-300 Firmware v1.3 Severity level High Steps to reproduce 1. Log in to D-link router. 2. Setup - LAN Setup - DHCP Client List ...

Microsoft Skype Shop - GiftCards Persistent Vulnerability

Document Title: =============== Microsoft Skype Shop - GiftCards Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=826 MICROSOFT SECURITY RESPONSE CENTER MSRC ID: 13603 MICROSOFT SECURITY RESPONSE CENTER MSRC MANAGER: CL Release...

nCircle patches PureCloud vulnerability scanner on Vulnerability-Lab report

The Vulnerability-Laboratory Research Team discovered persistent and client side POST Injection web vulnerability in the nCircle PureCloud cloud-based Vulnerability Scanner Application. The vulnerability allows an attacker to inject own malicious script code in the vulnerable module on applicatio...

nCircle patches PureCloud vulnerability scanner on Vulnerability-Lab report

The Vulnerability-Laboratory Research Team discovered persistent and client side POST Injection web vulnerability in the nCircle PureCloud cloud-based Vulnerability Scanner Application. The vulnerability allows an attacker to inject own malicious script code in the vulnerable module on applicatio...

nCircle PureCloud Vulnerability Scanner - Vulnerabilities

Document Title: =============== nCircle PureCloud Vulnerability Scanner - Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=795 nCircle Tracking ID: 20130117-US11337 Release Date: ============= 2013-01-28 Vulnerability Laboratory ID VL-ID:...

Wordpress Developer Formatter CSRF Vulnerability

==================================================================================================================== Exploit Title: Wordpress Developer Formatter CSRF Vulnerability Date: 21/01/13 Author: Junaid Hussain - illSecure Research Group - Contact: [email protected] | Website:...

nCircle PureCloud Vulnerability Scanner - Vulnerabilities

Document Title: =============== nCircle PureCloud Vulnerability Scanner - Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=795 nCircle Tracking ID: 20130117-US11337 Release Date: ============= 2013-01-28 Vulnerability Laboratory ID VL-ID:...