IW Messenger v3.5 - Persistent Input Validation Vulnerability

Document Title: =============== IW Messenger v3.5 - Persistent Input Validation Vulnerability Release Date: ============= 2011-06-30 Vulnerability Laboratory ID VL-ID: ==================================== 212 Product & Service Introduction: =============================== IWMessenger è un potente...

Wordpress core 3.1.3 Persistent XSS Vulnerability

No description provided by source. Title: Wordpress core 3.1.3 self-XSS Author: Jelmer de Hen Software link: http://wordpress.org/download/Version: 3.1.3 Wordpress 3.1.3 has a self-XSS vulnerability in the following pages:/wp-admin/user-edit.php?userid=uid/wp-admin/profile.php By putting Javascri...

XSS и AoF уязвимости в Drupal

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Abuse of Functionality уязвимостях в Drupal. XSS WASC-08: При добавлении или изменении данных в любых внутренних формах добавление/изменение поста и т.д. можно провести persistent XSS атаку. XSS код выполнится при посещении...

Joomla! Component JoomlaXi - Persistent Cross-Site Scripting

1.JoomlaXi persistent XSS vulnerabilty vendor: www.joomlaxi.com Author: 3psil0nLambDa a.k.a Karthik Email: [email protected] My blog: epsilonlambda.co.cc Google dork: © 2008-2010 JoomlaXi...

JoomlaXi Cross Site Scripting

1.JoomlaXi persistent XSS vulnerabilty vendor: www.joomlaxi.com Author: 3psil0nLambDa a.k.a Karthik Email: [email protected] My blog: epsilonlambda.co.cc Google dork: © 2008-2010 JoomlaXi...

EA Sports Cross Site Scripting

Information -------------------- Name : XSS Persistent in EA Sports Software : EA Sports Main site Vendor Homepage : http://www.ea.com Vulnerability Type : XSS Persistent Severity : Very High Researcher : Juan Sacco Description ------------------ EA Sports is prone to a XSS Stored vulnerability...

myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique

myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique Software: myBloggie 2.1.6 Severity: High Author: Robin Verton info at robinverton dot de Date: Jun. 12 2011 Vendor: http://mybloggie.mywebland.com/ Software Description: "myBloggie is considered one of the most simple,...

myBloggie 2.1.6 SQL Injection

myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique Software: myBloggie 2.1.6 Severity: High Author: Robin Verton Date: Jun. 12 2011 Vendor: http://mybloggie.mywebland.com/ Software Description: "myBloggie is considered one of the most simple, user-friendliest yet packed with...

Evo CMS 2.1.0 - Multiple Web Vulnerabilities

Document Title: =============== Evo CMS 2.1.0 - Multiple Web Vulnerabilities Release Date: ============= 2011-06-17 Vulnerability Laboratory ID VL-ID: ==================================== 191 Product & Service Introduction: =============================== N/A Abstract Advisory Information:...

WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)

Exploit Title: presistent XSS through SQLi WeBid 1.0.2 Google Dork: "powered by WeBid" Date: 15-06-2011 Author: Saif El-Sherei Software Link: http://sourceforge.net/projects/simpleauction/ Version: 1.0.2 Tested on: Firefox 4, XAMPP Info: Open source php/mysql fully featured auction script. Perfec...

WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)

WeBid 1.0.2 - Persistent Cross-Site Scripting via SQL Injection Exploit Title: presistent XSS through SQLi WeBid 1.0.2 Google Dork: "powered by WeBid" Date: 15-06-2011 Author: Saif El-Sherei Software Link: http://sourceforge.net/projects/simpleauction/ Version: 1.0.2 Tested on: Firefox 4, XAMPP...

WeBid 1.0.2 presistent XSS via SQL Injection

Exploit for php platform in category web applications Exploit Title: presistent XSS through SQLi WeBid 1.0.2 Google Dork: "powered by WeBid" Author: Saif El-Sherei Software Link: http://sourceforge.net/projects/simpleauction/ Version: 1.0.2 Tested on: Firefox 4, XAMPP Info: Open source php/mysql...

Evo CMS 2.1.0 - Multiple Web Vulnerabilities

Document Title: =============== Evo CMS 2.1.0 - Multiple Web Vulnerabilities Release Date: ============= 2011-06-17 Vulnerability Laboratory ID VL-ID: ==================================== 191 Product & Service Introduction: =============================== N/A Abstract Advisory Information:...

CVE-2011-1872

Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service host OS infinite loop via malformed machine instructions in a VMBus packet, aka "VMBus Persistent DoS Vulnerability."...

PBX Phone System v2.x & 3.x - Multiple Web Vulnerabilities

Document Title: =============== PBX Phone System v2.x & 3.x - Multiple Web Vulnerabilities References Source: ==================== CVE: 2009-4458 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4458 OSVDB-ID: 61357 http://osvdb.org/show/osvdb/61357 EDB-ID: 10645...

Microsoft HyperV - Persistent Denial of Service (MS11-047)

Microsoft HyperV - Persistent Denial of Service MS11-047 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ MS HyperV Persistent DoS Vulnerability 1. Advisory Information Title: MS HyperV Persistent DoS Vulnerability Advisory ID: CORE-2011-0203 Advisory URL:...

SUBRION CMS Cross Site Scripting / SQL Injection

1.SUBRION CMS multiple vulnerabilties vendor: www.subrion.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: epsilonlambda.co.cc Google dork: © 2011 Powered by Subrion CMS...

Parallels Plesk v9.0.2b - Cross Site Scripting Vulnerability

Document Title: =============== Parallels Plesk v9.0.2b - Cross Site Scripting Vulnerability Release Date: ============= 2011-06-12 Vulnerability Laboratory ID VL-ID: ==================================== 153 Product & Service Introduction: =============================== Parallels Plesk Panel ist...

SUBRION CMS - Multiple Vulnerabilities

1.SUBRION CMS multiple vulnerabilties vendor: www.subrion.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: epsilonlambda.co.cc Google dork: © 2011 Powered by Subrion CMS...

SUBRION CMS Multiple Vulnerabilities

Exploit for php platform in category web applications 1.SUBRION CMS multiple vulnerabilties vendor: www.subrion.com Author: Karthik R 3psil0nLambDa Email: email protected My blog: epsilonlambda.co.cc Google dork: © 2011 Powered by Subrion CMS...