Search results

  1. Prince

    Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection

    Kasseler CMS version 2 r1223 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Advisory ID: HTB23158 Product: Kasseler CMS Vendor: Kasseler CMS Vulnerable Version(s): 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification...
  2. Prince

    WordPress 3.5.1 Cross Site Scripting

    WordPress versions 3.5.1 and below suffer from multiple cross site scripting vulnerabilities. Hello list! These are Cross-Site Scripting vulnerabilities in WordPress. Which I've disclosed last week. At WordPress 3.5.2 release, WP developers mentioned about three holes as "security...
  3. Prince

    PayPal Enumeration / Information Disclosure

    The PayPal Hong Kong marketing site suffers from information disclosure, user enumeration, and bruteforcing vulnerabilities. Title: PayPal Bug Bounty MKT HK #63 - Multiple Vulnerabilities Date: 2013-06-26 References: ...
  4. Prince

    Windows 7 SP1 Local Access SYSTEM Compromise

    If you have physical access to a Microsoft Windows 7 SP1 instance, you can leverage the "Launch startup Repair" functionality to gain SYSTEM access. # Discovered by: Anastasios Monachos (secuid0) -...
  5. Prince

    Cotonti 0.9.13 SQL Injection

    Cotonti version 0.9.13 suffers from a remote SQL injection vulnerability.
  6. Prince

    WordPress Comment Extra Fields 1.7 CSRF / XSS

    WordPress Comment Extra Fields plugin version 1.7 suffers from cross site request forgery and cross site scripting vulnerabilities.
  7. Prince

    MojoPortal 2.3.9.7 Cross Site Scripting

    MojoPortal version 2.3.9.7 suffers from a stored cross site scripting vulnerability.
  8. Prince

    Oracle Hyperion 11 Directory Traversal

    Oracle Hyperion 11 suffers from a directory traversal vulnerability. Versions 11.1.1.3, 11.1.1.4.107 and earlier, 11.1.2.1.129 and earlier, and 11.1.2.2.305 and earlier are affected.
  9. Prince

    TP-Link TL-SC3171 Command Execution / Shell Upload / Bypass

    Core Security Technologies Advisory - TP-Link TL-SC3171 IP Cameras suffer from OS command injection, use of hard-coded credentials, authentication bypass, and missing authentication vulnerabilities.
  10. Prince

    FluxBB 1.5.3 XSS / CSRF / URL Redirection

    FluxBB version 1.5.3 suffers from cross site scripting, cross site request forgery, and URL redirection vulnerabilities.
  11. Prince

    Joomla Googlemaps 3.2 Cross Site Scripting / Denial Of Service

    Joomla Googlemaps plugin version 3.2 suffers from cross site scripting and denial of service vulnerabilities.
  12. Prince

    Symantec Web Gateway XSS / CSRF / SQL Injection / Command Injection

    Symantec Web Gateway versions 5.1.0.* and below suffer from cross site request forgery, cross site scripting, command injection, and remote SQL injection vulnerabilities.
  13. Prince

    Galil-RIO Modbus Denial Of Service

    Galil RIO-47100 with firmware prior to 1.1d suffers from a denial of service vulnerability. # Exploit Title: Galil RIO-47100 # Date: 05-01-2013 # Exploit Author: Sapling # Vendor Homepage: www.galilmc.com # Version: Rio Firmware Prior to 1.1d...
  14. Prince

    Powershell Payload Web Delivery

    This Metasploit module quickly fires up a web server that serves the payload in powershell. The provided command will start powershell and then download and execute the payload. The IEX command can also be extracted to execute directly from powershell. The main purpose of this module is to...
  15. Prince

    Alienvault OSSIM Cross Site Scripting

    Alienvault OSSIM versions prior to 4.3.0 suffer from multiple reflective cross site scripting vulnerabilities. # Title: Alienvault OSSIM Open Source SIEM 4.2.3 Multiple Reflected XSS Vulnerabilities # Date: July 25, 2013 # Author: xistence ( xistence[@]0x90[.]nl )...
  16. Prince

    WordPress I Love It XSS / Content Spoofing / Path Disclosure

    The WordPress I Love It theme suffers from cross site scripting, content spoofing, and path disclosure vulnerabilities. Hello list! These are Cross-Site Scripting, Content Spoofing and Full path disclosure vulnerabilities in I Love It theme for WordPress. This is commercial (premium) theme...
  17. Prince

    Open-Xchange AppSuite 7.2.2 Phishing / Data Injection

    Open-Xchange AppSuite versions 7.2.2 and below suffer from phishing and data injection vulnerabilities. Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 27473 (Bug ID) Vulnerability type: Phishing / Data injection Vulnerable version: 7.2.2 and earlier Vulnerable...
  18. Prince

    Jahia xCM 6.6.1.0 r43343 Cross Site Scripting

    Jahia xCM version 6.6.1.0 r43343 suffers from multiple cross site scripting vulnerabilities. Advisory ID: HTB23159 Product: Jahia xCM Vendor: Jahia Solutions Group SA Vulnerable Version(s): 6.6.1.0 r43343 and probably prior Tested Version: 6.6.1.0 r43343 Vendor Notification: June 5, 2013 Vendor...
  19. Prince

    Pagolin-Amazing SQL Injection Tool

    Database support: Access, DB2, Informix, Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2008, MySQL, Oracle, PostgreSQL, Sqlite3, Sybase. HTTPS support Pre-Login Proxy Specify any HTTP headers (User-agent, Cookie, Referer and so on) Bypass firewall setting Auto-analyzing...
  20. Prince

    Proxy Switcher

    Proxy Switcher