CVE-2017-7362

The CVE-2017-7362 entry concerns Pixie 1.0.4, where an XSS vulnerability exists in the admin UI via admin/index.php s=publish&m=dynamic&x=, indicating improper input handling. The connected CNVD/NVD/OSV entries corroborate a cross-site scripting vulnerability affecting Pixie 1.0.4; no exact patch...

Pixie 1.0.4 Cross Site Scripting

Exploit Title: XSS Vulnerability on Pixie 1.0.4 Google Dork: no Date: 29-03-2017 Exploit Author: @runggareksya, @dickysofficial Vendor Homepage: http://www.getpixie.co.uk Software Link:...

WPS attack tool: Penetrator-WPS

This is experimental tool that is capable of attacking multiple WPS-enabled wireless access points in real time Penetrator-WPS utilizes the pixie-dust attack every time it receives M3 message, unless it is disabled with -P – pixie-dust requires pixiewps to be installed. Installation First, you ne...

Offline WPS Bruteforce Utility: PixieWPS

Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs pixie dust attack Additional Video: http://video.adm.ntnu.no/pres/549931214e18d Pixiewps requires libssl. To install it: sudo apt-get install libssl-dev Installation:...

Pixiewps - Bruteforce Offline the WPS Pin (Pixie Dust Attack)

Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs pixie dust attack. It is meant for educational purposes only. All credits for the research go to Dominique Bongard. DEPENDENCIES Pixiewps requires libssl. To install it:...

PiXie CMS <= 1.04 - Multiple CSRF Vulnerabilities

No description provided by source. Add Super User: html !-- Exploit Title: PiXie CMS v1.04 = CSRF Add Super User Google Dork: allintext: Pixie Powered Date: 28/12/2010 Author: Ali Raheem AKA wolfmankurd Software Link: http://pixie-cms.googlecode.com/files/pixiev1.04.zip Version: =1.04 Tested on:...

Pixie CMS 1.0 - Multiple Local File Inclusion Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-005 Application: Pixie CMS Versions Affected: 1.0 Vendor URL: http://www.getpixie.co.uk/ Bug: Multiple Local File Include Exploits: YES Reported: 29.08.2008 Vendor Response: 30.08.2008 Solution: NONE Date...

Pixie CMS 1.01 - 1.04 - Blind SQL Injections

No description provided by source. Exploit Title: Pixie CMS 1.01 - 1.04 pixieuser Blind SQL Injection Google Dork: None Date: 11/14/2011 Author: Piranha, piranhaattorontomail.com Software Link: http://www.getpixie.co.uk/ Version: 1.01 - 1.04 Tested on: Windows XP SP3, Pixie versions: 1.01 - 1.04...

Pixie 1.04 - Blog Post CSRF

No description provided by source...

pixie cms (xss/sql) Multiple Vulnerabilities

No description provided by source. Pixie CMS Multiple Vulnerabilities Pixie is a free, open source web application that will help you quickly create your own website. Many people refer to this type of software as a 'content management system cms' http://www.getpixie.co.uk. Pixie is written in PHP...

CVE-2014-3786

Multiple cross-site scripting XSS vulnerabilities in the contact module admin/modules/contact.php in Pixie CMS 1.04 allow remote attackers to inject arbitrary web script or HTML via the 1 uemail or 2 subject parameter in the Contact form to contact/...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the contact module admin/modules/contact.php in Pixie CMS 1.04 allow remote attackers to inject arbitrary web script or HTML via the 1 uemail or 2 subject parameter in the Contact form to contact/...

CVE-2014-3786

Multiple cross-site scripting XSS vulnerabilities in the contact module admin/modules/contact.php in Pixie CMS 1.04 allow remote attackers to inject arbitrary web script or HTML via the 1 uemail or 2 subject parameter in the Contact form to contact/...

CVE-2014-3786

Pixie CMS 1.04’s contact module (admin/modules/contact.php) is affected by multiple POST XSS vulnerabilities via the uemail and subject fields in the contact form. A remote attacker could inject arbitrary web script/HTML, enabling script execution in the victim’s browser on the affected site. The...

Pixie CMS 1.04 Cross Site Scripting

Pixie CMS v1.04 Contact form POST XSS Vulnerabilities Vendor: Pixie CMS Product web page: http://www.getpixie.co.uk Affected version: 1.04 Severity: Medium CVE: CVE-2014-3786 Demo page: http://demo.getpixie.co.uk Discovered by: Filippos Mastrogiannis @filipposmastro & Simone Memoli @Simon90Italy...

Pixie 1.04 CMS - Multiple XSS Vulnerabilities

Latest Pixie CMS suffers on multiple cross site scripting because of poor content and variables filtration. Title: Pixie 1.04 CMS - Multiple XSS Version: 1.04 Latest ATM Vendor: getpixie.co.uk Demo: demo.getpixie.co.uk Date: 01.26.2014 Contact: smashatdevilteam.pl 1. Cross Site Scripting - GET 'm...

Pixie v1.04 blog Add Admin Vulnerability

Exploit for php platform in category web applications =========================== Pixie v1.04 blog Add Admin =========================== Vendor : http://pixie-cms.googlecode.com/files/pixiev1.04.zip Date : 2012 Author : Aghilas Tested : win7 Home : Dz-Team.Biz | 1337day.com | l33t-sec.net EXPLOIT...

Pixie 1.04 - Blog Post Cross-Site Request Forgery

Exploit Title: Pixie v1.04 blog post CSRF Google Dork: Date: 11-Dec-2011 Author: hackme Software Link: http://pixie-cms.googlecode.com/files/pixiev1.04.zip Version: 1.04 Tested on: Linux Ubuntu 10.10 CVE : + TH4NKZ T0: broiosen,ReGun and hackgame.it + Vulnerable Url:...

Pixie 1.04 Cross Site Request Forgery

Exploit Title: Pixie v1.04 blog post CSRF Google Dork: Date: 11-Dec-2011 Author: hackme Software Link: http://pixie-cms.googlecode.com/files/pixiev1.04.zip Version: 1.04 Tested on: Linux Ubuntu 10.10 CVE : + TH4NKZ T0: broiosen,ReGun and hackgame.it + Vulnerable Url:...

Pixie v1.04 blog post CSRF

Exploit for php platform in category web applications Exploit Title: Pixie v1.04 blog post CSRF Google Dork: Date: 11-Dec-2011 Author: hackme Software Link: http://pixie-cms.googlecode.com/files/pixiev1.04.zip Version: 1.04 Tested on: Linux Ubuntu 10.10 CVE : + TH4NKZ T0: broiosen,ReGun and...