what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 17 of 17

Files from Moritz Naumann

Elgg Twitter Widget Cross Site Scripting

Posted Jan 30, 2013

Authored by Moritz Naumann

Elgg versions 1.8.12 and 1.7.16 suffer from a cross site scripting vulnerability in the Twitter Widget module.

tags | advisory, xss

SHA-256 | 0320007144203c2cbfa4115016d3b9111ca9e9c639ff2e1bf920708cb685b296

Download | Favorite | View

Alice Modem 1111 Cross Site Scripting / Denial Of Service

Posted Jul 12, 2011

Authored by Moritz Naumann

Alice Modem version 1111 suffers from cross site scripting and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss

SHA-256 | c6d4533ba5d3ece3abf8995d4b267290f4ffe3d3a7c8723b500c75a026db8a0e

Download | Favorite | View

SquirrelMail Virtual Keyboard 0.9.1 Cross Site Scripting

Posted Oct 5, 2010

Authored by Moritz Naumann

SquirrelMail Virtual Keyboard plugin versions 0.9.1 and suffer from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | a91bac14350627388057c184ca13072b38a66ed5a1695d547a0e23f34571df23

Download | Favorite | View

Horde IMP 4.3.7 Cross Site Scripting

Posted Sep 28, 2010

Authored by Moritz Naumann

Horde IMP versions 4.3.7 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 9ff41ba9177770ccbc820350c56510861d2b3872483ac859fa61a08f09314f64

Download | Favorite | View

Horde Application Framework 3.3.8 Cross Site Scripting

Posted Sep 8, 2010

Authored by Moritz Naumann

Horde Application Framework versions 3.3.8 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 01e9ddbfdbf4d32de19869d646b2a9456bddb547a09999086f5546c532116c2d

Download | Favorite | View

Silverstripe CMS 2.3.4 Cross Site Scripting

Posted Jan 22, 2010

Authored by Moritz Naumann

Silverstripe CMS versions 2.3.4 and below suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | 0709ec68a83de79a2eab0dcab8bac9db071789e7d93d937708c1035b8c8e8658

Download | Favorite | View

Cacti 0.8.7e Cross Site Scripting

Posted Nov 27, 2009

Authored by Moritz Naumann

Cacti versions 0.8.7e and below suffer from cross site scripting and privilege escalation vulnerabilities.

tags | exploit, vulnerability, xss

advisories | CVE-2009-4032

SHA-256 | 46b2f0621a038c9d1cf8f5e9339d33346bff4eee0f4af05ef47b5f6b44a3746a

Download | Favorite | View

OpenX 2.8.1 Code Execution

Posted Nov 24, 2009

Authored by Moritz Naumann

OpenX versions 2.8.1 and below are vulnerable to remote code execution.

tags | advisory, remote, code execution

SHA-256 | 6a808fe4a1876118ed275a0f17968d069581aa4e6cb05cf27628827b81ecc0ff

Download | Favorite | View

PHP APC 3.1.1 And 3.0.19 Cross Site Scripting

Posted Dec 30, 2008

Authored by Moritz Naumann

PHP APC versions 3.1.1, 3.0.19, and probably earlier releases all suffer from a cross site scripting vulnerability.

tags | exploit, php, xss

SHA-256 | c66690481d643d9fbf46653f31c83ab29640eb3464a300d6fe92f7230590d5d5

Download | Favorite | View

sans-xss.txt

Posted Jun 16, 2008

Authored by Moritz Naumann

Apparently the SANS CMS suffers from a cross site scripting vulnerability.

tags | advisory, xss

SHA-256 | 7eb737cf0750280c844551337a865c0174fc3e3a2df2e9e282c56e84e2d68118

Download | Favorite | View

0013.txt

Posted Sep 14, 2006

Authored by Moritz Naumann | Site moritz-naumann.com

Mailman version 2.1.8 suffers from cross site scripting and log file injection vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | 40bdec7e01b7583e1c4f60c05ebc6fef3a41a83fc2273667a7a4ec8f8c53d1af

Download | Favorite | View

0012.txt

Posted Jul 20, 2006

Authored by Moritz Naumann | Site moritz-naumann.com

WebScarab is subject to a client side script code injection vulnerability which may allow for cross site scripting attacks against web clients connecting through it.

tags | advisory, web, xss

SHA-256 | 8743267c238efa13f343583cfea9be6705e16a81ff5da7e32ea95f11aca43cd7

Download | Favorite | View

horde3113010.txt

Posted Jul 9, 2006

Authored by Moritz Naumann | Site moritz-naumann.com

Horde versions 3.1.1 and 3.0.10 suffer from multiple cross site scripting issues.

tags | exploit, xss

SHA-256 | c12ee01c2de161a799d0c280c8d2857872ff9d822da35f1f7625ebe7a1c9b6ea

Download | Favorite | View

OTRSXSS.txt

Posted Nov 30, 2005

Authored by Moritz Naumann | Site moritz-naumann.com

OTRS versions 1.x and 2.x are susceptible to cross site scripting and blind SQL injection attacks.

tags | exploit, xss, sql injection

SHA-256 | 29a93f181ca50c41c945c33f389fbc58031fd5070257f52be573f16df9624226

Download | Favorite | View

VHCSXSS.txt

Posted Nov 30, 2005

Authored by Moritz Naumann | Site moritz-naumann.com

VHCS version 2.x is susceptible to cross site scripting attacks.

tags | exploit, xss

SHA-256 | a64c886730a27fa7f9e5d60cb54bd223035aa6ac5fd5675faa7317d401c18841

Download | Favorite | View

pmwikiXSS.txt

Posted Nov 30, 2005

Authored by Moritz Naumann | Site moritz-naumann.com

PmWiki version 2.0.12 is susceptible to cross site scripting attacks.

tags | exploit, xss

SHA-256 | bb96806a02efeecb8751569e66d53ea1c75ed55feba3ba0f94f4ddad337c08d4

Download | Favorite | View

sqmadd-0002.txt

Posted Oct 5, 2005

Authored by Moritz Naumann | Site moritz-naumann.com

The Address Add Plugin for Squirrelmail versions greater than or equal to v1.4.0 suffers from a XSS vulnerability. Exploitation provided.

tags | advisory

SHA-256 | a0e63dce8ec794427f143fdcff7d8f027176e5831d4c5dfd6e3c5efb69872772

Download | Favorite | View