Re: phpinfo() XSS Vulnerability

I tested it with php 5.1.6 and 5.2.6 and seems not work. The request_uri's content is encoded before to be printed: /phpinfo.php?+%3CScRipT%3Ealert(011100110110010101100011011101010111001001101001011101000001);%3C/sCrIpT%3E+ -- Salvatore Fresta aka Drosophila http://www.salvatorefrest

MX Simulator Server 2010-02-06 Remote Buffer Overflow PoC

MX Simulator Server is affected by a remote stack overflow. This bug was found by Luigi Auriemma. A Proof of Concept can be found on the following link: http://www.salvatorefresta.net/files/poc/PoC-MXSimulatorServer2010-02-06.zip -- Salvatore Fresta aka Drosophila http

Re: Vulnerabilities in WeBAM

Are they the same bugs reported by you in a previous e-mail with subject "Vulnerabilities in CaptchaSecurityImages" ? -- Salvatore Fresta aka Drosophila http://www.salvatorefresta.net CWNP444351

Re: [Suspected Spam]New vulnerabilities in CMS SiteLogic

d to know the access to the control panel). Many web hosting provider doesn't allow an user to execute commands using the classic functions, such as system, shell_execute and others. -- Salvatore Fresta aka Drosophila http://www.salvatorefresta.net CWNP444351

New vulnerabilities in CMS SiteLogic

e that can be used to execute commands or other operations on the target server, but it isn't a direct command execution vulnerability, understand? The my is only a clarification. -- Salvatore Fresta aka Drosophila http://www.salvatorefresta.net CWNP444351

Family Connections 2.2.3 Multiple Remote Vulnerabilities

-- Salvatore Fresta aka Drosophila http://www.salvatorefresta.net CWNP444351 Family Connections 2.2.3 Multiple Remote Vulnerabilities Name Family Connections Vendorhttp://www.familycms.com Versions Affected 2.2.3 AuthorSalvatore Fresta aka Drosophila

Re: Vulnerabilities in Sebo - webstore

ntf C function, will you send an e-mail for each software that uses it? A friendly advice for the future: more information about the bugs and fewer links to your site. -- Salvatore Fresta aka Drosophila http://www.salvatorefresta.net CWNP444351

Re: Vulnerabilities in Sebo - webstore

ges.php. > Still the same "bugs"?! A question: if you find (ad absurdum) a bug in the printf C function, will you send an e-mail for each software that uses it? -- Salvatore Fresta aka Drosophila http://www.salvatorefresta.net CWNP444351

REVISION: iScripts EasySnaps 2.0 Multiple SQL Injection Vulnerabilities

iScripts EasySnaps 2.0 Multiple SQL Injection Vulnerabilities Name iScripts EasySnaps Vendorhttp://www.iscripts.com Versions Affected 2.0 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

iScripts ReserveLogic 1.0 SQL Injection Vulnerability

iScripts ReserveLogic 1.0 SQL Injection Vulnerability Name iScripts ReserveLogic Vendorhttp://www.iscripts.com Versions Affected 1.0 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

iScripts CyberMatch 1.0 Blind SQL Injection Vulnerability

-- Salvatore Fresta aka Drosophila http://www.salvatorefresta.net CWNP444351 iScripts CyberMatch 1.0 Blind SQL Injection Vulnerability Name iScripts CyberMatch Vendorhttp://www.iscripts.com Versions Affected 1.0 AuthorSalvatore Fresta aka Drosophila

iScripts SocialWare 2.2.x Multiple Remote Vulnerability

iScripts SocialWare 2.2.x Multiple Remote Vulnerability Name iScripts SocialWare Vendorhttp://www.iscripts.com Versions Affected 2.2.x AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

iScripts MultiCart 2.2 Multiple SQL Injection Vulnerability

iScripts MultiCart 2.2 Multiple SQL Injection Vulnerability Name iScripts MultiCart Vendorhttp://www.iscripts.com Versions Affected 2.2 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities

Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities Name Canteen Vendorhttp://www.miniwork.eu Versions Affected 1.0 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at

ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities

ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities Name ArtForms Vendorhttp://joomlacode.org/gf/project/jartforms/ Versions Affected 2.1b7.2 RC2 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net

Sandbox 2.0.3 Multiple Remote Vulnerabilities

Sandbox 2.0.3 Multiple Remote Vulnerabilities Name Sandbox Vendorhttp://www.iguanadons.net Versions Affected 2.0.3 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at] gmail [dot

RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability

RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability Name RedShop Vendorhttp://redweb.dk Versions Affected 1.0.23.1 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta

WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities

WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities Name WhiteBoard Vendorhttp://sarosoftware.com Versions Affected 0.1.30 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

TTVideo 1.0 Joomla Component SQL Injection Vulnerability

TTVideo 1.0 Joomla Component SQL Injection Vulnerability Name TTVideo Vendorhttp://www.toughtomato.com Versions Affected 1.0 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at

Appointinator 1.0.1 Joomla Component Multiple Remote Vulnerabilities

Appointinator 1.0.1 Joomla Component Multiple Remote Vulnerabilities Name Appointinator Vendorhttp://appointinator.chemeia.info Versions Affected 1.0.1 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection

PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection Name PhotoMap Gallery Vendorhttp://photoindochina.com Versions Affected 1.6.0 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

PBBooking 1.0.4_3 Joomla Component Multiple Blind SQL Injection

PBBooking 1.0.4_3 Joomla Component Multiple Blind SQL Injection Name PBBooking Vendorhttp://sourceforge.net/projects/pbbooking/ Versions Affected 1.0.4_3 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

Spielothek 1.6.9 Joomla Component Multiple Blind SQL Injection

Spielothek 1.6.9 Joomla Component Multiple Blind SQL Injection Name Spielothek Vendorhttp://www.spielban.de Versions Affected 1.6.9 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta

cgTestimonial 2.2 Joomla Component Multiple Remote Vulnerabilities

cgTestimonial 2.2 Joomla Component Multiple Remote Vulnerabilities Name cgTestimonial Vendorhttp://www.cmsgalaxy.com Versions Affected 2.2 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

Teams 1_1028_100809_1711 Joomla Component Multiple Blind SQL Injection Vulnerabilities

Teams 1_1028_100809_1711 Joomla Component Multiple Blind SQL Injection Vulnerabilities Name Teams Vendorhttp://www.joomlamo.com Versions Affected 1_1028_100809_1711 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net

Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities

Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities Name Amblog Vendorhttp://robitbt.hu Versions Affected 1.0 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at

Jgrid 1.0 Joomla Component Local File Inclusion Vulnerability

Jgrid 1.0 Joomla Component Local File Inclusion Vulnerability Name Jgrid Vendorhttp://datagrids.clubsareus.org Versions Affected 1.0 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

Re: Re: Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities

No, it isn't a good idea. You can use always Jrequest::getVar specifing the type (http://api.joomla.org/Joomla-Framework/Environment/JRequest.html#getVar). The allowed types are: INT, FLOAT, BOOLEAN, WORD, ALNUM, CMD, BASE64, STRING, ARRAY, PATH. Regards. -- Salvatore Fresta aka Droso

Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities

Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities Name Biblioteca Vendorhttp://www.cielostellato.info Versions Affected 1.0 Beta AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

TimeTrack 1.2.4 Joomla Component Multiple SQL Injection Vulnerabilities

TimeTrack 1.2.4 Joomla Component Multiple SQL Injection Vulnerabilities Name TimeTrack Vendorhttp://www.itrn.de Versions Affected 1.2.4 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities

JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities Name JE Guestbook Vendorhttp://www.joomlaextensions.co.in Versions Affected 1.0 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

JS Calendar 1.5.1 Joomla Component Multiple Remote Vulnerabilities

JS Calendar 1.5.1 Joomla Component Multiple Remote Vulnerabilities Name JS Calendar Vendorhttp://www.joomlaseller.com Versions Affected 1.5.1 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities

AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities Name AlstraSoft E-Friends Vendorhttp://www.alstrasoft.com Versions Affected 4.96 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

Revision: Audacity <= 1.3 Beta Multiple Local Vulnerabilities ===> Audacity <= 1.3 Beta DLL Hijacking Vulnerability

Audacity <= 1.3 DLL Hijacking Vulnerability Name Audacity Vendorhttp://audacity.sourceforge.net Versions Affected <= 1.3 Beta Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefres

Audacity <= 1.3 Beta Multiple Local Vulnerabilities

Audacity <= 1.3 Beta Multiple Local Vulnerabilities Name Audacity Vendorhttp://audacity.sourceforge.net Versions Affected <= 1.3 Beta Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net C

Zen Cart 1.3.9h Local File Inclusion Vulnerability

Zen Cart 1.3.9h Local File Inclusion Vulnerability Name Zen Cart Vendorhttp://www.zen-cart.com Versions Affected 1.3.9h AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at] gmail

JQuarks4s Joomla Component 1.0.0 Blind SQL Injection Vulnerability

JQuarks4s Joomla Component 1.0.0 Blind SQL Injection Vulnerability Name JQuarks4s Vendor http://www.iptechinside.com/labs/projects/list_files/jquarks-for-surveys Versions Affected 1.0.0 AuthorSalvatore Fresta aka Drosophila Website http

eBlog 1.7 Multiple SQL Injection Vulnerabilities

eBlog 1.7 Multiple SQL Injection Vulnerabilities Name eBlog Vendorhttps://emuci.com Versions Affected 1.7 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at] gmail [dot] com

Blink Blog System Authentication Bypass

-- Salvatore Fresta aka drosophila CWNP444351 Salvatore "drosophila" Fresta [+] Application: Blink Blog System [+] Version: Unknown [+] Website: http://blogink.sourceforge.net [+] Bugs: [A] Authentication Bypass [+] Exploitation: Remote [+] Date: 0

Discloser 0.0.4-rc2 SQL Injection Vulnerability

-- Salvatore Fresta aka drosophila CWNP444351 Salvatore "drosophila" Fresta [+] Application: Discloser [+] Version: 0.0.4-rc2 [+] Website: http://discloser.sourceforge.net/ [+] Bugs: [A] SQL Injection [+] Exploitation: Remote [+] Date: 21 Feb 2004 [+] Dis

Nullam Blog Multiple Remote Vulnerabilities

-- Salvatore Fresta aka drosophila CWNP444351 Salvatore "drosophila" Fresta [+] Application: Nullam Blog [+] Version: 0.1.2 [+] Website: http://nullam.net/ [+] Bugs: [A] Local File Inclusion [B] File Disclosure [C] Multiple Blind SQL

T-HTB Manager Mutiple Blind SQL Injection

0 Sep 2009 [+] Discovered by: Salvatore Fresta aka drosophila [+] Author: Salvatore Fresta aka drosophila [+] E-mail: drosophilaxxx [at] gmail.com *** [+] Menu 1) Bugs 2) Code 3) Fix *** [+] Bugs - [A] Mult

E-Store SQL Injection Vulnerability

E-Store SQL Injection Vulnerability Name E-Store Vendorhttp://www.getaphpsite.com AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at] gmail [dot] com Date 2009-09-03

Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities

Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Name Digital Scribe Vendorhttp://www.digital-scribe.org Versions Affected 1.4.1 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities

phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities Name phpCollegeExchange Vendorhttp://phpcollegeex.sourceforge.net Versions Affected 0.1.5c AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

Miniweb 2.0 Full Path Disclosure

Miniweb 2.0 Full Path Disclosure Name Miniweb 2.0 Vendorhttp://www.miniweb2.com AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at] gmail [dot] com Date 2009-12-12 X

B2C Booking Centre Systems - SQL Injection Vulnerability

B2C Booking Centre Systems - SQL Injection Vulnerability Name B2D Booking Centre Systems Vendorhttp://www.bookingcentre.eu AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at] gmail

WSCreator 1.1 Blind SQL Injection

WSCreator 1.1 Blind SQL Injection Name WSCreator Vendorhttp://www.wscreator.com Versions Affected 1.1 AuthorSalvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta [at] gmail [dot] com Date

Family Connections <= 2.1.3 Multiple Remote Vulnerabilities

Family Connections <= 2.1.3 Multiple Remote Vulnerabilities  Name              Family Connections  Vendor            http://www.familycms.com  Versions Affected <= 2.1.3  Author            Salvatore Fresta aka Drosophila  Website           http://www.salvatorefresta.net  C