{Lostmon´s Group} Elgg 1.8 beta2 and prior to 1.7.11 'container_guid' and 'owner_guid' SQL Injection

2011-08-16 Thread Lostmon lords
## Elgg 1.8 beta2 and prior to 1.7.11 'container_guid' and 'owner_guid' SQL Injection Vendor URL: http://www.elgg.org/ Advisore: http://lostmon.blogspot.com/2011/08/elgg-18-beta2-and-prior-to-1711.html Vendor notify: YES exploit available: YES

Calisto light, light plus and full, Sql Injection And user or Admin bypass

2011-08-15 Thread Lostmon lords
## Calisto light, light plus and full, Sql Injection And user or Admin bypass Vendor URL: http://www.calistosoft.com.ar/ Advisore: http://lostmon.blogspot.com/2011/08/calisto-light-light-plus-and-full-sql.html Vendor notify: YES exploit available:

Fwd: {Lostmon´s Group} Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability

2011-08-10 Thread Lostmon lords
# Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability Vendor URL: http://www.microsoft.com Advisore: http://lostmon.blogspot.com/2011/08/internet-explorer-6-7-and-8-windowopen.html Coordinate Dislcosure: YES exploit available: Private

{Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS

2010-08-30 Thread Lostmon lords
### Safari for windows Invalid SGV text style Webkit.dll DoS Vendor URL:www.apple.com Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notify :Yes exploit available :YES

Flock Browser 3.0.0.3989 Malformed Bookmark XSS and script insertion

2010-08-19 Thread Lostmon lords
# Flock Browser 3.0.0.3989 Malformed Bookmark XSS Vendor URL: http://beta.flock.com/ Advisore: http://lostmon.blogspot.com/2010/08/flock-browser-3003989-malformed.html Vendor notify:NO exploits availables:YES # Flock

Fwd: {Lostmon´s Group} Safari for windows Long link DoS

2010-08-04 Thread Lostmon lords
: Vendor patch: Proof Of Concept ### #!/usr/bin/perl # safari k-meleon Long a href Link DoS # Author: Lostmon Lords lost...@gmail.com http://lostmon.blogspot.com # Safari 5.0.1

Fwd: {Lostmon´s Group} K-Meleon for windows about:n eterror Stack Overflow DoS

2010-08-04 Thread Lostmon lords
### #!/usr/bin/perl # k-meleon Long a href Link DoS # Author: Lostmon Lords lost...@gmail.com http://lostmon.blogspot.com # k-Meleon versions 1.5.3 1.5.4 internal page about:neterror DoS # generate the file open it with k-keleon click in the link and wait

Fwd: {Lostmon´s Group} Re: Wowd search client multi ple variable xss (solution)

2009-11-03 Thread Lostmon lords
hello I receive today this response from word search engine developer i test the new version of Wowd client ( 1.3.1 ) and this issue http://lostmon.blogspot.com/2009/10/wowd-search-client-multiple-variable.html is now solved. Thnx for your time !!! -- Forwarded message -- From:

Fwd: Wowd search client multiple variable xss

2009-10-29 Thread Lostmon lords
## Wowd search client multiple variable xss Vendor URL: http://www.wowd.com/ Advisore:http://lostmon.blogspot.com/2009/10/ wowd-search-client-multiple-variable.html Vendor notify:yes exploit available:yes ##

Fwd: Google Chrome About:blank Spoof

2009-07-28 Thread Lostmon lords
all details in my blog = http://lostmon.blogspot.com/2009/07/google-chrome-aboutblank-spoof.html and here ### ### Google Chrome About:blank spoof vendor url:www.google.com