hi list,
I noticed on my HTC Hermes with latest available WM6 (not 6.1!), that
after I entered the password for my WLAN, auto-copletion knows the
phrase and suggests my WLAN-password for almost any input-field.
Further, the memory for passwordstorage is way too small. I can enter
my whole password
Hi list,
Omegasoft's Insel 7 stores Cookies on your computer for identifying
the logged-in user.
As these Cookies do not contain any password hash but only the
username and some meaningless stuff you can easily get into the system
with another login.
this gets even more easy, as there is a conclu
Hi list,
Parameters being transferred per $_GET aren't sanitised properly.
http://name.tld/CGI-Bin/frame.html?Mehr=xxx
Everyone can read any comment and its poster, although it should be
readable only for superiors
http://name.tld/CGI-Bin/frame.html?Mehr=xxx&SUPER=x
You can see, which superviso
Input passed to fields in OmegaMw7's tables isn't properly sanitized
before being returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user's browser session in context
of an affected site and/or inject SQL-Commands
This applies to many many standard fields i
On my WBB 2.3.3 (and i think, this is the default setting) you cannot
access register.php when logged in (even as admin). So you need to be
logged off to open the evil site. And when you are logged off, the
cookie is simply useless.
Also, on my Forum, only r_dateformat and r_timeformat are affect
Hi list,
there is a XSS in Zwahlen's Online Shop. I can only test the free
version, but i think, other versions may be vulnerable, too.
http://host/article.htm?cat=alert("fix your bugs!")
Kind Regards
MC.Iglo
Hello, world ;)
Input passed to multiple parameters in index.php isn't properly
sanitised before being returned to the user. This can be exploited to
execute HTML and script code in a user's browser session in context of
an affected site with limitation of ' and ".
This may also affect prior vers
Hi list.
There are lots of SQL injections and XSS in the 'Eichhorn Portal' by
'Guder und Koch Netzwerktechnik' and their own website.
Input passed to multiple parameters in different PHP-files isn't
properly sanitised before being returned to the user.
This can be exploited to execute arbitrary
Hi together,
This also works on serveral web-pages of this product.
http://host/OmegaMw7a.ASP?WCI=Logon&WCE=0;alert(unescape(document.cookie));
There might be some ways for SQL-Injection, too, but i am not willing
to try this at the real system :)
Vendor notified as CC
regards
MC.Iglo
