RE: Multiple Xss exploits in coolphp magazine
2006-05-27 black code (black-cod3 hotmail com)
>Subject: Multiple Xss exploits in coolphp magazine
>Date: 27 May 2006 14:25:31 -0000
>Multiple Xss exploits in coolphp magazine
>
>script type : coolphp magazine
>bug found by : black-code & sweet-devil
>team : site-down
>type : Xss
>
>Codes :
>
>*******
>
>http://www.xxx.com/coolphp/index.php?op=

[SECURITY] [DSA 1082-1] New Linux kernel 2.4.17 packages fix several vulnerabilities
2006-05-29 Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1082-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze, Dann Frazier
May 29th, 2006

WikiNi Persistent Cross Site Scripting Vulnerability
2006-05-29 raphael huck free fr
Hi, I've found a vulnerability more than 2 months ago, and notified the developers, but still no answer, so I'm posting here. http://zone14.free.fr/advisories/3/ Vendor: WikiNi Vulnerable: WikiNi 0.4.2 and below Persistent Cross Site Scripting A persistent XSS vulnerability is the mo

Multiple Xss exploits in Chipmunk Board
2006-05-27 black code (black-cod3 hotmail com)
>Subject: Multiple Xss exploits in Chipmunk Board
>Date: 27 May 2006 10:51:30 -0000
>Multiple Xss exploits in Chipmunk Board
>
>forum type : Chipmunk Board
>bug found by : black-code&sweet-devil
>team : site-down
>type : Xss
>
>black-code:
>
>codes :
>
>http://www.example.com/board/index.php?forumI

New SMB and DCERPC features on Impacket released with doc
2006-05-29 Gerardo Richarte (lists core-sdi com)
Hi! As we promised in the too short 5 minutes talk at CanSecWest last month, here we are publishing a new version of Impacket including all the new features we added for SMB and DCERPC. At the same time we are releasing a document describing what these new and weird features are, full of example

Foing Remote File Include Vulnerability [PHPBB]
2006-05-29 s3rv3r_hack3r yahoo com
vendor : phpbbhacks.com
Exploit BY :s3rv3r_hack3r
WWW : http://www.hackerz.ir
Exploit >>>
/* Foing Remote File Include exploit By s3rv3r_hack3r */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <ne

UBBThreads 5.x,6.x md5 hash disclosure
2006-05-29 chris splices org
UBBThreads 5.x,6.x md5 hash disclosure
-------------------------------------------
Using XSS such as the one reported earlier: http://[site]/[ubbpath]/index.php?debug=[xss] will allow you to inject javascript and steal MD5 Hashes from: http://[site]/[ubbpath]/editbasic.php The MD5 is a

[KAPDA::#45] - geeklog multiple vulnerabilities
2006-05-29 alireza hassani (trueend5 yahoo com)
KAPDA New advisory
Vendor: http://www.geeklog.net
Bugs: Path Disclosure, XSS, SQL Injection (Authentication bypass)
Vulnerable Version: geeklog-1.4.0sr2(prior versions also may be affected)
Exploitation: Remote with browser
Description:
--------------------
geeklog is a freely available PHP-bas

Xss exploit in Photoalbum B&W v1.3
2006-05-28 black-cod3 hotmail com
Xss exploit in Photoalbum B&W v1.3
forum type : Photoalbum B&W v1.3
bug found by : black-code & sweet-devil
team : site-down
type : Xss
####################################################
exploit : http://www.example.com/superalbum/index.php?pic='><script>alert(10)</scr ipt>
######

VARIOMAT(advanced cms tool)SQL injection/XSS
2006-05-28 CrAzY CrAcKeR hotmail com
===================================
Discovery By: CrAzY CrAcKeR
Site: www.alshmokh.com
nono225-mHOn-rageh-LoverHacker Breeeeh-LiNuX_rOOt-BoNy_m-rootshill
===================================
Example:-
/news.php?mode=single&view=act&item=76&subcat=[SQL]
/news.php?mode=single&view=act&item=

Advisory: Blend Portal <= 1.2.0 for phpBB 2.x (blend_data/blend_common.php) File Inclusion Vulnerability
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com) (1 replies)
--Security Report-- Advisory: Blend Portal <= 1.2.0 for phpBB 2.x (blend_data/blend_common.php) File Inclusion Vulnerability. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 28/05/06 07:52 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --

RE: Advisory: Blend Portal <= 1.2.0 for phpBB 2.x (blend_data/blend_common.php) File Inclusion Vulnerability
2006-05-29 austin best (austin_inc hotmail com)

Advisory: UBBThreads 5.x,6.x Multiple File Inclusion Vulnerabilities.
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
--Security Report-- Advisory: UBBThreads 5.x,6.x Multiple File Inclusion Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 09:44 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: Infopop (http://www.infopop.

Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities.
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
--Security Report-- Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 08:26 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: ASPSitem (http://www.aspsitem.com) Version: 2.

Advisory: phpBB 2.x (Activity MOD Plus) File Inclusion Vulnerability.
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
--Security Report-- Advisory: phpBB 2.x (Activity MOD Plus) File Inclusion Vulnerability. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 07:49 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: phpBB-Amod (http://www.phpbb

Advisory: phpBB 2.x (admin/admin_hacks_list.php) Local Inclusion Vulnerability.
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
--Security Report-- Advisory: phpBB 2.x (admin/admin_hacks_list.php) Local Inclusion Vulnerability. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 07:37 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: Nivisec (http://

Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com) (1 replies)
--Security Report-- Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 06:15 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: Eggblog (http://www.eggblog.net/) Version

Advisory: F@cile Interactive Web <= 0.8x Multiple Remote Vulnerabilities.
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
--Security Report-- Advisory: F@cile Interactive Web <= 0.8x Multiple Remote Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 05:57 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: Facile (http://www.facil

Advisory: Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
--Security Report-- Advisory: Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 05:16 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: EnigmaASP (http://www.

Advisory: tinyBB <= 0.3 Multiple Remote Vulnerabilities.
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
--Security Report-- Advisory: tinyBB <= 0.3 Multiple Remote Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 05:37 AM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: Epicdesigns (http://www.epicdesigns.co.uk

Advisory: ASPBB <= 0.52 (perform_search.asp) XSS vulnerability
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
--Security Report-- Advisory: ASPBB <= 0.52 (perform_search.asp) XSS vulnerability --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 04:26 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: ASPBB (www.aspbb.org) Version: 0.52

Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities
2006-05-28 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
Documents »» Read document --Security Report-- Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 03:16 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com } --- Vendor: MiniNuke (http:/

Buffer overflow in QuickTime 7.0.4?
2006-05-27 John Richard Moser (nigelenki comcast net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'm not sure if this one is known but I see the last buffer overflows show Quicktime 7.x vulnerable and suggest upgrading to 7.0.4*. * http://docs.info.apple.com/article.html?artnum=303101 I was downloading Elephant's dream from http://osaddict.com/f

[USN-288-1] PostgreSQL server/client vulnerabilities
2006-05-29 Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-288-1 May 29, 2006
postgresql-7.4/-8.0, postgresql, psycopg, python-pgsql vulnerabilities
CVE-2006-2313, CVE-2006-2314
===========================================================
A security issue affect
>Subject: multiple Xss exploits in : vCard 2.9
>Date: 27 May 2006 11:12:55 -0000
>multiple Xss exploits in : vCard 2.9
>
>forum type : vCard 2.9
>bug found by : black-code&sweet-devil
>team : site-down
>type : Xss
>
>
>sweet-devil:
>
>http://www.example.com/cards/create.php?card_id='><script>alert