webSPELL 4.2.0e - page Blind SQL Injection

webSPELL 4.2.0e - page Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; use Getopt::Long; '/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division //...

webSPELL <= 4.2.0e (page) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================ webSPELL = 4.2.0e page Remote Blind SQL Injection Exploit ============================================================ !/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; use...

webSPELL 4.2.0e - &#039;page&#039; Blind SQL Injection

!/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; use Getopt::Long; '/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo9 |...

webSPELL &lt;= 4.2.0d Local File Disclosure Exploit (.c linux)

No description provided by source. / webSPELL = 4.2.0d Local File Disclosure Exploit .c linux by Juri Gianni aka yeat - stakerathotmaildotit Description ----------- webSPELL contains one flaw that allows an attacker to disclose a local file. The issue is due to 'picture.php' script not properly...

webSPELL 4.2.0d Local File Disclosure

/ webSPELL ------------------------------ Possible Fix: $file = pregreplace'/^a-zA-Z0-9/','',addslashes$GET'id'; otherwise if $GET'id' variable is an...

webSPELL <= 4.2.0d Local File Disclosure Exploit (.c linux)

Exploit for unknown platform in category web applications =========================================================== webSPELL = 4.2.0d Local File Disclosure Exploit .c linux =========================================================== / webSPELL = 4.2.0d Local File Disclosure Exploit .c linux...

webSPELL 4.2.0d (Linux) - Local File Disclosure (C)

webSPELL 4.2.0d Linux - Local File Disclosure C / webSPELL ------------------------------ Possible Fix: $file = pregreplace'/^a-zA-Z0-9/','',addslashes$GET'id'; otherwise if $...

webSPELL 4.2.0d (Linux) - Local File Disclosure

/ webSPELL ------------------------------ Possible Fix: $file = pregreplace'/^a-zA-Z0-9/','',addslashes$GET'id'; otherwise if $GET...

Cross site scripting

Cross-site scripting XSS vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitrary web script or HTML allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated using 1 email, 2 img, and 3 url...

CVE-2009-1408

Cross-site scripting XSS vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitrary web script or HTML allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated using 1 email, 2 img, and 3 url...

CVE-2009-1408

Cross-site scripting XSS vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitrary web script or HTML allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated using 1 email, 2 img, and 3 url...

CVE-2009-1408

CVE-2009-1408 affects webSPELL 4.2.0c with a cross-site scripting (XSS) flaw in BBCode handling. The described vulnerability enables remote attackers to inject arbitrary web script or HTML by abusing Javascript events (e.g., onmouseover) inside nested BBCode tags (email, img, url). Multiple sourc...

webSPELL 4.2.0c--XSS &#40;BYPASS BBCODE&#41; COOKIES STEALING VULNERABILITY--

webSPELL 4.2.0c XSS BYPASS BBCODE COOKIES STEALING VULNERABILITY ---------------- CMS INFORMATION: ---------------- --WEB: http://www.webspell.org/ affected too --DOWNLOAD: http://www.webspell.org/download.php?fileID=22 --DEMO: http://www.webspell.org/index.php?site=demo --CATEGORY: CMS / Portals...

webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing Vulnerability

No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O PROUD TO BE SPANISH! -------------------...

webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing Vulnerability

Exploit for unknown platform in category web applications =============================================================== webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing Vulnerability ===============================================================...

webSPELL 4.2.0c XSS Cookie Stealing

webSPELL 4.2.0c XSS BYPASS BBCODE COOKIES STEALING VULNERABILITY ---------------- CMS INFORMATION: ---------------- --WEB: http://www.webspell.org/ affected too --DOWNLOAD: http://www.webspell.org/download.php?fileID=22 --DEMO: http://www.webspell.org/index.php?site=demo --CATEGORY: CMS / Portals...

webSPELL 4.2.0c - Bypass BBCode Cross-Site Scripting Cookie Stealing

webSPELL 4.2.0c - Bypass BBCode Cross-Site Scripting Cookie Stealing || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O PROUD TO BE SPANISH!...

webSPELL 4.2.0c - Bypass BBCode Cross-Site Scripting Cookie Stealing

|| || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O PROUD TO BE SPANISH! ---------------------------------------------------------------------------------------------- | XSS BYPASS...

webSPELL 4.01.02 Edit Topics Vulnerability

+=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=+=--=--=--=--=--=-+ | webSPELL = 4.01.02 id Remote Edit Topics Vulnerability | Note | +=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=+=--=--=--=--=--=-+ | discovered by athos - stakerathotmaildotit | magic quotes 0 | |...

webSPELL &lt;= 4.01.02 (id) Remote Edit Topics Vulnerability

No description provided by source. +=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=+=--=--=--=--=--=-+ | webSPELL = 4.01.02 id Remote Edit Topics Vulnerability | Note | +=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=+=--=--=--=--=--=-+ | discovered by athos -...