##
Elgg 1.8 beta2 and prior to 1.7.11 'container_guid' and 'owner_guid'
SQL Injection
Vendor URL: http://www.elgg.org/
Advisore:
http://lostmon.blogspot.com/2011/08/elgg-18-beta2-and-prior-to-1711.html
Vendor notify: YES exploit available: YES
##
Calisto light, light plus and full, Sql Injection And user or Admin bypass
Vendor URL: http://www.calistosoft.com.ar/
Advisore:
http://lostmon.blogspot.com/2011/08/calisto-light-light-plus-and-full-sql.html
Vendor notify: YES exploit available:
#
Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability
Vendor URL: http://www.microsoft.com
Advisore:
http://lostmon.blogspot.com/2011/08/internet-explorer-6-7-and-8-windowopen.html
Coordinate Dislcosure: YES exploit available: Private
###
Safari for windows Invalid SGV text style Webkit.dll DoS
Vendor URL:www.apple.com
Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html
Vendor notify :Yes exploit available :YES
#
Flock Browser 3.0.0.3989 Malformed Bookmark XSS
Vendor URL: http://beta.flock.com/
Advisore:
http://lostmon.blogspot.com/2010/08/flock-browser-3003989-malformed.html
Vendor notify:NO exploits availables:YES
#
Flock
:
Vendor patch:
Proof Of Concept
###
#!/usr/bin/perl
# safari k-meleon Long a href Link DoS
# Author: Lostmon Lords lost...@gmail.com http://lostmon.blogspot.com
# Safari 5.0.1
###
#!/usr/bin/perl
# k-meleon Long a href Link DoS
# Author: Lostmon Lords lost...@gmail.com http://lostmon.blogspot.com
# k-Meleon versions 1.5.3 1.5.4 internal page about:neterror DoS
# generate the file open it with k-keleon click in the link and wait
hello
I receive today this response from word search engine developer
i test the new version of Wowd client ( 1.3.1 ) and this issue
http://lostmon.blogspot.com/2009/10/wowd-search-client-multiple-variable.html
is now solved.
Thnx for your time !!!
-- Forwarded message --
From:
##
Wowd search client multiple variable xss
Vendor URL: http://www.wowd.com/
Advisore:http://lostmon.blogspot.com/2009/10/
wowd-search-client-multiple-variable.html
Vendor notify:yes exploit available:yes
##
all details in my blog =
http://lostmon.blogspot.com/2009/07/google-chrome-aboutblank-spoof.html
and here
###
###
Google Chrome About:blank spoof
vendor url:www.google.com
10 matches
Mail list logo