Wednesday, August 25, 2010

[site update] 08-11-2010 to 08-26-201

08-26-2010
------------
Added advisories:
http://yehg.net/lab/pr0js/advisories/joomla/%5Bcom_bc%5D_cross_site_scripting
http://yehg.net/lab/pr0js/advisories/joomla/%5Bcom_bcaccount%5D_persistent_cross_site_scripting
http://yehg.net/lab/pr0js/advisories/joomla/%5Bcom_blastchatc%5D_cross_site_scripting


08-24-2010
------------
Updated Hacker Web Search Aggregator (aka Ultimate Recon)
http://yehg.net/q

Updated PHP Charset Encoder
http://yehg.net/e
 
 
08-20-2010
--------------
Added advisory:
http://yehg.net/lab/pr0js/view.php/%5Bphpmyadmin-3.3.5%5D_cross_site_scripting(XSS)


08-18-2010
--------------
Added two advisories:
 1. Ad Bard Network (adbard.net) - network-wide Cross Site Scripting Vulnerability
    http://yehg.net/lab/pr0js/view.php/[adbard.net]_xss
 2. Linkbucks.com XSS & URL Redirection Vulnerabilities
    http://yehg.net/lab/pr0js/view.php/[linkbucks.com]_xss,redirect

  
08-14-2010
--------------
Added new article - Most Neglected Fact About CSRF
http://yehg.net/lab/pr0js/view.php/A_Most-Neglected_Fact_About_CSRF.pdf


Divided advisory section into subcategories - commercial, open-source, web site
http://yehg.net/lab/#advisories


08-11-2010
--------------
Added XSS payload files with different extensions (jpg, css, js, htc), mostly from ha.kcers.org
http://yehg.net/lab/#words

Added a reference list of common Apache log file locations that aids in LFI attacks
http://yehg.net/lab/pr0js/pentest/wordlists/others/apache_logs_loc.txt