7638 matches found
PBX Phone System 2.x - Multiple Vulnerabilities
PBX Phone System 2.x - Multiple Vulnerabilities PenTest Information: ==================== Global-Evolution Security Team remove discover multiple Vulnerabilities on PBX Phone System Application. An attacker can get sensitive customer/admin session-data over multiple Cross-Site-Scripting...
Barracuda Web Firewall 660 Firmware v7.3.1.007 Vulnerability
No description provided by source. Pentest Information: ==================== GESEC Team remove discover a input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijackor can implement script routines &...
Recipe Script v5.0 Shell Upload/XSRF/XSS Multiple Vulnerabilities
Exploit for unknown platform in category web applications ================================================================= Recipe Script v5.0 Shell Upload/XSRF/XSS Multiple Vulnerabilities =================================================================...
oBlog Persistant XSS, CSRF, Admin Bruteforce
No description provided by source. ------------------------------------------------------------------------------------------------- Application: oBlog Version: the only one there is : Download: http://www.dootzky.com/images/projects/oBlog.zip Author of this full disclosure: Milos Zivanovic...
Loggix Project <= 9.4.5 Multiple Remote File Inclusion
No description provided by source. WX Guest Book 1.1.208 Vulns By xxHackerXzX hacker from nepal [email protected] Product name: WX Guestbook 1.1.208 Product vendor: http://www.ekin0x.com/r57.txt This product suffers from multiple SQLi and persistent XSS vuln. SQL Search Vuln The search...
WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
No description provided by source. WX Guest Book 1.1.208 Vulns By xxHackerXzX hacker from nepal [email protected] Product name: WX Guestbook 1.1.208 Product vendor: http://www.ekin0x.com/r57.txt This product suffers from multiple SQLi and persistent XSS vuln. SQL Search Vuln The search...
Invision Power Board Attachment Cross Site Scripting
Hello Bugtraq! I want to warn you about new vulnerabilities in Invision Power Board. These are Cross-Site Scripting vulnerabilities. Attack is going via attachment at click on the attachment in the post at forum or on the link to this attachment. These are persistent XSS vulnerabilities. I know f...
Oracle eBusiness Suite Cross Site Scripting / Bypass
Hacktics Research Group Security Advisory http://www.hacktics.com/details=;view=Resources%7CAdvisory By Shay Chen, Hacktics. 14-Dec-2009 =========== I. Overview =========== During a penetration test performed by Hacktics' experts, certain vulnerabilities were identified in the Oracle eBusiness...
Cross-Site Scripting vulnerabilities in Invision Power Board
Hello 3APA3A! I want to warn you about new vulnerabilities in Invision Power Board. These are Cross-Site Scripting vulnerabilities. Attack is going via attachment at click on the attachment in the post at forum or on the link to this attachment. These are persistent XSS vulnerabilities. I know fo...
Acc Auto Dealer Script XSS / Backup Disclosure
/\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // 01000010 01101001 01001111 ---------------------------------------------------------------- + Acc Auto Dealer Script Persistent XSS / SQL backup // Author Info x Author: bi0 x Contact: [email protected] x Homepage : www.ssteam.ws x...
Acc Auto Dealer Script v5.0 Persistent XSS and SQL Backup
Exploit for unknown platform in category web applications ========================================================= Acc Auto Dealer Script v5.0 Persistent XSS and SQL Backup ========================================================= Vendor : http://www.accscripts.com/autos/download.html Version: 5...
Acc Auto Dealer Script v5.0 Persistent XSS and SQL Backup
No description provided by source. Vendor : http://www.accscripts.com/autos/download.html Version: 5.0 /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // 01000010 01101001 01001111 ---------------------------------------------------------------- + Acc Auto Dealer Script Persistent XSS...
Acc Auto Dealer Script 5.0 - Persistent Cross-Site Scripting / SQL Backup
Vendor : http://www.accscripts.com/autos/download.html Version: 5.0 /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // 01000010 01101001 01001111 ---------------------------------------------------------------- + Acc Auto Dealer Script Persistent XSS / SQL backup // Author Info x...
oBlog - Persistent Cross-Site Scripting Cross-Site Request Forgery Admin Brute Force
oBlog - Persistent Cross-Site Scripting Cross-Site Request Forgery Admin Brute Force ------------------------------------------------------------------------------------------------- Application: oBlog Version: the only one there is : Download: http://www.dootzky.com/images/projects/oBlog.zip...
oBlog - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Brute Force
------------------------------------------------------------------------------------------------- Application: oBlog Version: the only one there is : Download: http://www.dootzky.com/images/projects/oBlog.zip Author of this full disclosure: Milos Zivanovic Vulnerabilities: Persistant XSS, CSRF,...
Viscacha 0.8 Gold persistant XSS vulnerability
No description provided by source. Viscacha 0.8 Gold persistant XSS vulnerability Found By: mrme Download: http://www.viscacha.org/ Tested On: Windows Vista Note: For educational purposes only POC Info: A regular user of the board can embed javascript code that could be executed within the contex...
Viscacha 0.8 Gold - Persistent Cross-Site Scripting
Viscacha 0.8 Gold persistant XSS vulnerability Found By: mrme Download: http://www.viscacha.org/ Tested On: Windows Vista Note: For educational purposes only POC Info: A regular user of the board can embed javascript code that could be executed within the context of the admin's browser. If the us...
MarieCMS v0.9 LFI, RFI, and XSS Vulnerabilities
Exploit for unknown platform in category web applications =============================================== MarieCMS v0.9 LFI, RFI, and XSS Vulnerabilities =============================================== OVERVIEW MarieCMS v0.9 vulnerable to following issues: ++ Remote File Inclusion ++ Local File...
Chipmunk Newsletter Persistant XSS Vulnerability
Exploit for unknown platform in category web applications ================================================ Chipmunk Newsletter Persistant XSS Vulnerability ================================================ Tested On: Windows Vista Note: For educational purposes only There’s probably a lot more...
MarieCMS 0.9 - Local File Inclusion Remote File Inclusion Cross-Site Scripting
MarieCMS 0.9 - Local File Inclusion Remote File Inclusion Cross-Site Scripting OVERVIEW MarieCMS v0.9 vulnerable to following issues: ++ Remote File Inclusion ++ Local File Inclusion ++ Persistent XSS ++ Shell Upload Authenticated User PoC Remote File Inclusion: ++++++++++++++++++++++++...