Lucene search
K

243 matches found

xssed
xssed
added 2011/02/16 12:0 a.m.17 views

Unfixed XSS vulnerability at s2.asmandez.ir

Security researcher Securitylab.ir, has submitted on 16/02/2011 a cross-site-scripting XSS vulnerability affecting s2.asmandez.ir, which at the time of submission ranked 66039 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is...

6.6AI score
Exploits0References1
securityvulns
securityvulns
added 2010/12/28 12:0 a.m.103 views

Asan Portal (IdehPardaz) Multiple Vulnerabilities

Securitylab.ir Application Info: Name: Asan Portal Vendor: http://iptech.ir/default.aspx?id=130 Vulnerability: Denial of Service: http://site.ir/Modules/Administrative/ShowPhotos/ShowImages.aspx?id=922&FieldName=ContentImage1&w=1000&h=1000 With setting of large values of width and height it's...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/27 12:0 a.m.35 views

Sigma Portal Denial Of Service

Securitylab.ir Application Info: Name: Sigma Portal Vendor: http://www.sigma.ir Vulnerability Info: Type: Denial of Service Risk: Medium 2010-08-11 - Vendor notified Vulnerability: http://site.ir/Portal/Picture/ShowObjectPicture.aspx?Width=%27910000&Height=1099000-=&ObjectType=News&ObjectID=Pictu...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/27 12:0 a.m.26 views

Asan Portal SQL Injection

Securitylab.ir Application Info: Name: Asan Portal Vendor: http://iptech.ir/default.aspx?id=130 Vulnerability: Denial of Service: http://site.ir/Modules/Administrative/ShowPhotos/ShowImages.aspx?id=922&FieldName=ContentImage1&w=1000&h=1000 With setting of large values of width and height it's...

0.4AI score
Exploits0
xssed
xssed
added 2010/12/21 12:0 a.m.8 views

Unfixed XSS vulnerability at srco.ir

Security researcher Securitylab.ir, has submitted on 21/12/2010 a cross-site-scripting XSS vulnerability affecting srco.ir, which at the time of submission ranked 249941 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currentl...

6.6AI score
Exploits0References1
xssed
xssed
added 2010/12/21 12:0 a.m.10 views

Unfixed XSS vulnerability at iritn.com

Security researcher Securitylab.ir, has submitted on 21/12/2010 a cross-site-scripting XSS vulnerability affecting iritn.com, which at the time of submission ranked 165855 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is...

6.6AI score
Exploits0References1
xssed
xssed
added 2010/12/20 12:0 a.m.15 views

Unfixed XSS vulnerability at www.highportal.net

Security researcher Securitylab.ir, has submitted on 20/12/2010 a cross-site-scripting XSS vulnerability affecting www.highportal.net, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/01/2012. It is...

6.6AI score
Exploits0References1
xssed
xssed
added 2010/11/29 12:0 a.m.12 views

Unfixed Frame Redirect vulnerability at www.tavanir.org.ir

Security researcher Securitylab.ir, has submitted on 29/11/2010 a Frame Redirect vulnerability affecting www.tavanir.org.ir, which at the time of submission ranked 92039 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/12/2011. It is currentl...

7.1AI score
Exploits0References1
xssed
xssed
added 2010/11/17 12:0 a.m.47 views

Unfixed XSS vulnerability at wasc.ir

Security researcher Securitylab.ir, has submitted on 17/11/2010 a cross-site-scripting XSS vulnerability affecting wasc.ir, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 28/12/2011. It is currently...

6.6AI score
Exploits0References1
xssed
xssed
added 2010/11/13 12:0 a.m.10 views

Unfixed XSS vulnerability at members.parsdata.com

Security researcher Securitylab.ir, has submitted on 13/11/2010 a cross-site-scripting XSS vulnerability affecting members.parsdata.com, which at the time of submission ranked 96332 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/01/2012. It...

6.6AI score
Exploits0References1
securityvulns
securityvulns
added 2010/09/24 12:0 a.m.54 views

Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability

Proof Of Concept: 1.html: body bodyDOM: Cross Domain Vulnerability 2.html: style @import url"1.html"; /style script setTimeoutfunction var s = document.body.currentStyle.DOM; alerts; ,0; /script Vulnerable: Opera 10.62 By: Securitylab.ir Original Advisory: http://Securitylab.ir/Advisories...

Exploits0
Packet Storm
Packet Storm
added 2010/09/24 12:0 a.m.26 views

Netscape 9.0.0.6 Cross Domain

PoC: 1.html: bodyDOM: Cross Domain Vulnerability 2.html: @import url"1.html"; setTimeoutfunction var s = document.body.currentStyle.DOM; alerts; ,0; Vulnerable: Netscape v9.0.0.6 By: Securitylab.ir Original Advisory: http://Securitylab.ir/Advisories...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2010/08/30 12:0 a.m.23 views

Flash Player 9 DLL Hijacking Exploit (schannel.dll)

======================================================= Flash player 9.exe DLL Hijacking Exploit schannel.dll ======================================================= Founded By: Securitylab.ir Kamran Safaei Tabrizi ======================================================= include "stdafx.h" void in...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2010/08/28 12:0 a.m.19 views

Flash Player 9 DLL Hijacking Exploit

======================================================= Flash player 9.exe DLL Hijacking Exploit schannel.dll ======================================================= Founded By: Securitylab.ir Kamran Safaei Tabrizi ======================================================= include "stdafx.h" void in...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2010/07/24 12:0 a.m.48 views

Mozilla Firefox 3.5.x Address Bar Spoofing Vulnerability

Spoof Code: script language="javascript" function pausepd date = new Date; var curDate = null; do var curDate = new Date; whilecurDate-date pd; function Spoofing win = window.open'http://www.google.com','new' pause 3000 win = window.open'http://www.Securitylab.ir','new' /script a href="javascript...

Exploits0
seebug.org
seebug.org
added 2010/07/24 12:0 a.m.13 views

Internet Explorer Address Bar Spoofing Vulnerability

.. IE8/7/6 Waiting for patch script function Spoof pd=window.open'http://www.yahoo.com', '','location=1'; pd.location.replace'http://www.microsoft.com/'; /script p align="center" bfont face="Calibri"Internet Explorer Address Bar Spoofing Vulnerability IE8,IE7,IE6/font/b/p p align="center" /p p...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2010/07/24 12:0 a.m.61 views

SeaMonkey 2.0.5 Address Bar Spoofing Vulnerability

Spoof Code: script language="javascript" function pausepd date = new Date; var curDate = null; do var curDate = new Date; whilecurDate-date pd; function Spoofing win = window.open'http://www.google.com','new' pause 13000 win = window.open'http://www.Securitylab.ir','new' /script a href="javascrip...

0.2AI score
Exploits0
0day.today
0day.today
added 2010/07/23 12:0 a.m.14 views

Clickjacking Web Browser Multiple Vulnerability (FF3.6.7/SM 2.0.6)

Exploit for windows platform in category remote exploits ================================================================== Clickjacking Web Browser Multiple Vulnerability FF3.6.7/SM 2.0.6 ================================================================== FF3.6.7/SM 2.0.6 ClickJacking Vulnerabili...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/23 12:0 a.m.24 views

Multiple Browsers (FF3.6.7/SM 2.0.6) - Clickjacking

FF3.6.7/SM 2.0.6 ClickJacking Vulnerability function clickjackarmorevt clickjackmouseX=evt.pageX?evt.pageX:evt.clientX; clickjackmouseY=evt.pageY?evt.pageY:evt.clientY; document.getElementById'mydiv'.style.left=clickjackmouseX-1; document.getElementById'mydiv'.style.top=clickjackmouseY-1; Firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/18 12:0 a.m.24 views

Avant Browser 11.7 Build 45 Clickjack

Avant Browser V11.7 build 45 Clickjacking ClickJacking function updateboxevt mouseX=evt.pageX?evt.pageX:evt.clientX; mouseY=evt.pageY?evt.pageY:evt.clientY; document.getElementById'open'.style.left=mouseX-2; document.getElementById'open'.style.top=mouseY-2; Go to the google.com ClickJacking/...

7.4AI score
Exploits0
Rows per page
Query Builder