exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 18 of 18

Files from Jan Fry

BMC Dashboards 7.6.01 XSS / File Reading

Posted May 5, 2011

Authored by ProCheckUp, Richard Brain, Jan Fry | Site procheckup.com

BMC Dashboards version 7.6.01 suffers from cross site scripting and arbitrary file reading vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss

SHA-256 | 94e598cb8a417f4029046945b2b6cbe27cca569b5151f8df4790880703c96972

Download | Favorite | View

Mitel's AWC Command Execution

Posted Dec 21, 2010

Authored by ProCheckUp, Jan Fry | Site procheckup.com

Mitel's AWC (Mitel Audio and Web Conferencing) suffers from an unauthenticated remote command execution vulnerability.

tags | exploit, remote, web

SHA-256 | d8ebd53382f1971b52183a49644b0acc8ffacacf752faf70fcaba699b9613c61

Download | Favorite | View

PHP Universal Web Messenger Cross-Domain Redirect

Posted Dec 16, 2010

Authored by ProCheckUp, Jan Fry | Site procheckup.com

PHP Universal Web Messenger suffers from a cross-domain redirect vulnerability.

tags | exploit, web, php

SHA-256 | 3d11a6d4f9d5cdf42c90ac17922caf1bba35357aa4b5bbdfd7e1d98500977074

Download | Favorite | View

ProCheckUp Security Advisory 2009.4

Posted Feb 18, 2010

Authored by ProCheckUp, Jan Fry, George Christopoulos | Site procheckup.com

Portwise SSL VPN version 4.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | d9b96b55dfa2056ae70f1178f252fe1ab57454ee9e6be79fb320310542a95c6a

Download | Favorite | View

ProCheckUp Security Advisory 2009.19

Posted Jan 29, 2010

Authored by ProCheckUp, Richard Brain, Jan Fry | Site procheckup.com

CommonSpot Server suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | df67dfe5debcbb27e0fef223695bfa6598ccdaa78f99196c76f1ec8693d28f42

Download | Favorite | View

ProCheckUp Security Advisory 2008.22

Posted Jan 30, 2009

Authored by ProCheckUp, Jan Fry | Site procheckup.com

Novell GroupWise WebAccess suffers from a cross site scripting vulnerability. Version 7.0.3 is affected.

tags | advisory, xss

advisories | CVE-2009-0273

SHA-256 | 8c6f6fe9e4d988f1180099d2a613b38e803523f9b1e5b972d27ba0320dec08c6

Download | Favorite | View

ProCheckUp Security Advisory 2007.11

Posted Nov 19, 2008

Authored by Adrian Pastor, ProCheckUp, Jan Fry | Site procheckup.com

Sun Java System Identity suffers from a cross site request forgery vulnerability. Proof of concept code included.

tags | exploit, java, proof of concept, csrf

SHA-256 | aab83ef3374bf90d0fdb9403e4cc641a2e45c39abb67680b7db155ef488b8ca9

Download | Favorite | View

ProCheckUp Security Advisory 2006.12

Posted Feb 20, 2008

Authored by Adrian Pastor, ProCheckUp, Jan Fry | Site procheckup.com

BEA Plumtree Foundation portal version 6.0 and BEA AquaLogic Interaction version 6.1 are both vulnerable to a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 7a08c7f2e308d21418659bf94d530748edc0e377060fe39dc2ceed70fa329e2a

Download | Favorite | View

ProCheckUp Security Advisory 2008.1

Posted Feb 20, 2008

Authored by ProCheckUp, Richard Brain, Jan Fry, Bruno Kovacs | Site procheckup.com

Several cross site scripting flaws, a cross domain redirect, and a webroot disclosure exist in Spyce - Python Server Pages (PSP).

tags | exploit, xss, python

SHA-256 | 077c9b43accad72d480303905614e7aa18daede74be5a5154085b44e93788a0a

Download | Favorite | View

ProCheckUp Security Advisory 2007.38

Posted Jan 22, 2008

Authored by ProCheckUp, Jan Fry | Site procheckup.com

sIFR version 2.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 2d82c6c1796407730517480445f8bd86e0c4e14f0657b9b35cf1ca6c4d13e9a7

Download | Favorite | View

ProCheckUp Security Advisory 2007.60708091012

Posted Jan 10, 2008

Authored by Adrian Pastor, ProCheckUp, Jan Fry | Site procheckup.com

Sun Java System Identity Manager version 6.0, Sun Java System Identity Manager version 7.0, and Sun Java System Identity Manager version 7.1 are susceptible to cross domain redirection, cross site scripting, and frame injection vulnerabilities.

tags | advisory, java, vulnerability, xss

SHA-256 | d6006a16a69c00bd066f6cb36ecb14b95ece02d9fc7932ef0a831f29ef9988fd

Download | Favorite | View

ProCheckUp Security Advisory 2007.39

Posted Dec 6, 2007

Authored by Adrian Pastor, ProCheckUp, Richard Brain, Jan Fry | Site procheckup.com

Directory traversal, cross site scripting, and SQL injection vulnerabilities exist in the Absolute News Manager .NET version 5.1.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | c20201b4d8c8d24e7310c36b1d34160f498e4b267278ba9e50ad2889cd7016c1

Download | Favorite | View

ProCheckUp Security Advisory 2006.9

Posted Dec 4, 2007

Authored by Adrian Pastor, ProCheckUp, Richard Brain, Jan Fry | Site procheckup.com

By performing an advanced search, unauthenticated users can enumerate valid usernames with a single HTTP request on the BEA Plumtree Portal.

tags | advisory, web

SHA-256 | 776de6dc499e6ebfc575f8b19a3ac66c6953bcc956cb6a8b5c59f0a43584290a

Download | Favorite | View

ProCheckUp Security Advisory 2006.8

Posted Dec 4, 2007

Authored by Adrian Pastor, ProCheckUp, Jan Fry | Site procheckup.com

BEA Plumtree Portal is vulnerable to a internal hostname disclosure vulnerability.

tags | advisory

SHA-256 | 866b56dd83ba8330356f8847ee9d66d1be2f67a4336cc14f44ee0a485a6a593a

Download | Favorite | View

ProCheckUp Security Advisory 2007.14

Posted Dec 2, 2007

Authored by Adrian Pastor, ProCheckUp, Jan Fry | Site procheckup.com

The F5 FirePass 4100 SSL VPN is susceptible to cross site scripting vulnerabilities in my.activation.php3.

tags | exploit, vulnerability, xss

SHA-256 | f93567dd019619dc99df7b77129c40ab79f517ee69a40dd6ed1e64a113c580e3

Download | Favorite | View

ProCheckUp Security Advisory 2007.26

Posted Nov 16, 2007

Authored by ProCheckUp, Jan Fry | Site procheckup.com

The Aruba 800 is vulnerable to a persistent cross site scripting vulnerability on the administrator login screen.

tags | exploit, xss

SHA-256 | 3e73dcdf74055dee74b222dec88feb100ce0260e700825e3d8fd7ec82381a1cf

Download | Favorite | View

ProCheckUp Security Advisory 2007.13

Posted Nov 13, 2007

Authored by Adrian Pastor, ProCheckUp, Jan Fry | Site procheckup.com

A cross site scripting vulnerability exists in F5 Networks FirePass versions 5.4 through 5.5.2 and versions 6.0 through 6.0.1.

tags | advisory, xss

SHA-256 | 51540fba61ee07c114e319066190f0cda6e0b78c22a023ed48a9ce08149e0dd6

Download | Favorite | View

dotnet-bypass.txt

Posted Apr 7, 2007

Authored by Adrian Pastor, Richard Brain, Jan Fry | Site procheckup.com

By understanding how ASP .NET malicious request filtering functions, ProCheckUp has found that it is possible to bypass ASP .NET request filtering and perform cross site scripting and HTML injection attacks.

tags | exploit, xss, asp, bypass

SHA-256 | 4b78fe2bdca6f7c490f51b3622de9ef13cf64b7899eaa6f8f39a70a7ab3ae074

Download | Favorite | View