Unfixed XSS vulnerability at www.planetluc.com

Security researcher ByWolweriaN, has submitted on 23/03/2009 a cross-site-scripting XSS vulnerability affecting www.planetluc.com, which at the time of submission ranked 727289 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/11/2011. It is...

[Full-disclosure] MyNews 1.6.X HTML/JS Injection Vulnerability

I know its basic, but I am a supporter of FD and therefore planetluc.com has to be blamed now! I checked their script MyNews in version 1.6.4 today and then some other versions, all are vulnerable to HTML and JS injection. --- ADVISORY --- ---------------------------- || WWW.SMASH-THE-STACK.NET |...

planetluc-xss.txt

I know its basic, but I am a supporter of FD and therefore planetluc.com has to be blamed now! I checked their script MyNews in version 1.6.4 today and then some other versions, all are vulnerable to HTML and JS injection. --- ADVISORY --- ---------------------------- || WWW.SMASH-THE-STACK.NET |...

CVE-2006-6648

PHP remote file inclusion vulnerability in main.inc.php in planetluc.com RateMe 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtoscript parameter...