Changes in 126.96.36.199
Fixed incorrect action status when adding new list
Fixed missing translation parameter in loading disabled list message
Added "listex" command to disable or enable list exception usage
Added "except_proxy" configuration to set public proxy detection exception usage
Added "except_mylist" configuration to set my list item detection exception usage
File information: Blacklist 188.8.131.52
Another GeoIP update.
Changes in 0.3.0.24
- geoip_c.h was updated with GeoIPCountryWhois.csv released on June 7'th; there are 123310 IP ranges having 94 ranges in the fake "A1" country; 91 ranges were approximated to real countries
File information: AdvOR 0.3.0.24
Finally, after a couple of years, ApexDC++ developers have fixed
the NMDC search exploit that I was speaking about
earlier. Everyone should update to latest version 1.6.2
. Now I also can say that only StrongDC++ is left of all the popular clients.
Due to new OpenSSL vulnerabilities
the library was updated to latest version 1.0.2h
Changes in 0.3.0.23
- the OpenSSL library was updated to openssl-1.0.2h
- geoip_c.h was updated with GeoIPCountryWhois.csv released on May 3'rd; there are 121733 IP ranges having 94 ranges in the fake "A1" country; 91 ranges were approximated to real countries
File information: AdvOR 0.3.0.23
Vulnerable page: http://www.technicolor.com/search/
In order to reproduce the bug, you have to replace any forward slash /
with backslash \
because forward slash is being URL encoded.
POST /search/ HTTP/1.1
You can either include any XSS code in search input box, or request any XSS code directly using POST method and search_block_form
Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.