# Title: Ez Blog v1.0 (XSS/XSRF) Multiple Vulnerabilities
# EDB-ID: 10458
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Milos Zivanovic
# Published: 2009-12-15
# Verified: yes
# Download Exploit Code
# Download N/A
view source
print?
[#-----------------------------------------------------------------------------------------------#]
[#] Title: Ez Blog (XSS/XSRF) Multiple Vulnerabilities
[#] Author: Milos Zivanovic
[#] Email: milosz.security[at]gmail.com
[#] Date: 15. December 2009.
[#-----------------------------------------------------------------------------------------------#]
[#] Application: Ez Blog
[#] Version: 1.0
[#] Platform: PHP
[#] Link: link:http://www.scriptsez.net/?action=details&cat=Content%20Management&id=2579678051
[#] Price: 15 USD
[#] Vulnerability: [...]
You can get some information about internet from here
16
Dec
16
Dec
# Title: Daloradius XSS Vulnerability
# EDB-ID: 10460
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Hadi Kiamarsi
# Published: 2009-12-15
# Verified: yes
# Download Exploit Code
# Download Vulnerable app
view source
print?
###########################################
#
# Script Name : daloradius ( All Version )
#
# Bug Type : XSS vulnerability
#
# Found by : Hadi Kiamarsi
#
# Contact : hadikiamarsi [at] hotmail.com
#
# Download : http://sourceforge.net/projects/daloradius/
#
###########################################
PoC :
http://[target]/[path]/daloradius-users/login.php?error=>”><script>alert(’Hadi Kiamarsi’)</script>
example :
http://www.example.com/daloradius-users/login.php?error=>”><script>alert(’Hadi Kiamarsi’)</script>
local [...]
16
Dec
# Title: Ez Cart v1.0 Multiple XSRF Vulnerabilities
# EDB-ID: 10461
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Milos Zivanovic
# Published: 2009-12-15
# Verified: yes
# Download Exploit Code
# Download N/A
view source
print?
[#-----------------------------------------------------------------------------------------------#]
[#] Title: Ez Cart Multiple XSRF Vulnerabilities
[#] Author: Milos Zivanovic
[#] Email: milosz.security[at]gmail.com
[#] Date: 15. December 2009.
[#-----------------------------------------------------------------------------------------------#]
[#] Application: Ez Cart
[#] Version: 1.0
[#] Platform: PHP
[#] Link: http://www.scriptsez.net/?action=details&cat=Content%20Management&id=2472658093
[#] Price: 25 USD
[#] Vulnerability: [...]
16
Dec
# Title: DubSite CMS v1.0 CSRF Vulnerability
# EDB-ID: 10462
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Connection
# Published: 2009-12-15
# Verified: yes
# Download Exploit Code
# Download Vulnerable app
view source
print?
Pentest Information:
====================
Connection has discovered a Cross Site Request Forgery(CSRF) vulnerability in DubSite CMS v1.0
Details
=======
Tested on OS: Windows XP
Tested with Software: Mozilla Firefox 3.5.x
Vulnerable Products: DubSite CMS
Affected Versions: 1.0
Vulnerability Type: Cross [...]
16
Dec
# Title: iGaming CMS v1.5 CSRF Vulnerability
# EDB-ID: 10463
# CVE-ID: ()
# OSVDB-ID: ()
# Author: NeX
# Published: 2009-12-15
# Verified: yes
# Download Exploit Code
# Download N/A
view source
print?
NeX of the HackTalk team has found a CSRF Vulnerability in iGaming CMS v 1.5 that allows an attacker to make new administrative account, and run SQL queries.
Pentest Information:
============
NeX has discovered [...]
Top Search
Recent Posts
- Cpanel v11.25 CSRF Add FTP Account Exploit
- EZ-Oscommerce 3.1 Remote File Upload
- Mayasan Portal v2.0 (haberdetay.asp) SQL Injection Vulnerability
- Joomla Component com_spa SQL Injection Vulnerability
- Ubuntu PAM MOTD Local Root Exploit
- PHP Chat for 123 Flash Chat Remote File Inclusion Vulnerability
- Joomla Component JE Section Finder LFI Vulnerability
- Joomla Component JE Story Submit SQL Injection Vulnerability
- Speedy v1.0 Remote Shell Upload Vulnerability
- Local Privilege Escalation in InterScan Web Security Virtual
Visitor
Archives
- July 2010 (6)
- June 2010 (8)
- May 2010 (5)
- March 2010 (7)
- February 2010 (25)
- January 2010 (21)
- December 2009 (18)
- November 2009 (16)
- October 2009 (6)
- September 2009 (14)
- August 2009 (16)
- July 2009 (10)
- June 2009 (3)
- April 2009 (4)
- March 2009 (3)
- February 2009 (15)
- January 2009 (29)
- December 2008 (54)
- November 2008 (44)
- October 2008 (30)
Recent Entries
- Cpanel v11.25 CSRF Add FTP Account Exploit
- EZ-Oscommerce 3.1 Remote File Upload
- Mayasan Portal v2.0 (haberdetay.asp) SQL Injection Vulnerability
- Joomla Component com_spa SQL Injection Vulnerability
- Ubuntu PAM MOTD Local Root Exploit
- PHP Chat for 123 Flash Chat Remote File Inclusion Vulnerability
- Joomla Component JE Section Finder LFI Vulnerability
- Joomla Component JE Story Submit SQL Injection Vulnerability
- Speedy v1.0 Remote Shell Upload Vulnerability
- Local Privilege Escalation in InterScan Web Security Virtual
Recent Comments
- laspadalsecoB in Multi SEO phpBB 1.1.0 Remote File Inclusion Vulner…
- slabbanyfam in Multi SEO phpBB 1.1.0 Remote File Inclusion Vulner…
- bah in Zen Cart 1.3.8 Remote SQL Execution Exploit
- sehummel in Joomla 1.5.x (Token) Remote Admin Change Password …
- sehummel in Joomla Component com_ContentBlogList SQL Injection…
- Usdating in phportal 1.0 Insecure Cookie Handling Vulnerabilit…
- UnrewNescrect in phpBB3 addon prime_quick_style GetAdmin Exploit
- AmandaOPD in Multi SEO phpBB 1.1.0 Remote File Inclusion Vulner…
- CyclifyScieni in phpBB3 addon prime_quick_style GetAdmin Exploit
- Tranny Sex Fest in SMF 1.1.6 Filter Post Bypass
Random Selection of Posts
- Ubuntu PAM MOTD Local Root Exploit
- Joomla (Yelp Component) SQL Injection Vulnerability
- Perl$hop e-commerce Script Trust Boundary Input Parameter Injection
- ArticleLive (blogs.php?Id) SQL Injection Vulnerability
- World of Warcraft: The Wrath of the Lich King review (PC)
- JMweb MP3 (src) Multiple Local File Inclusion
- Ticket Support Script (ticket.php) Remote Shell Upload Vulnerability
Theme designed by MILD-INFO.COM