
Showing posts from February, 2012

Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities (CVE-2012-0873)

1. OVERVIEW
Dolphin 7.0.7 and lower versions are vulnerable to Cross Site Scripting.

2. BACKGROUND
Dolphin is the only "all-in-one" free community software platform for creating your own social networking, community or online dating site without any limits and under your full control. Dolphin comes with hundreds of features, module plugins and tools. Everything is included and extension possibilities are literally endless. You can use it for free with a BoonEx link in the footer or buy a $99 permanent license to remove that requirement.

3. VULNERABILITY DESCRIPTION
Multiple parameters (explain, photos_only, online_only, mode) were not properly sanitized, which allows an attacker to conduct a Cross Site Scripting attack. This may allow an attacker to create a specially crafted URL that would execute arbitrary script code in a victim's browser.

4. VERSIONS AFFECTED
7.0.7 and lower

5. PROOF-OF-CONCEPT/EXPLOIT
Vulnerable Parameter: explain
http://localhos

OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities (CVE-2012-0872)

1. OVERVIEW
OxWall 1.1.1 and lower versions are vulnerable to Cross Site Scripting.

2. BACKGROUND
Oxwall is a free open source software package for building social networks, family sites and collaboration systems. It is a flexible community website engine developed with the aim to provide people with a well-coded, user-friendly software platform for social needs. It is easy to set up, configure and manage Oxwall while you focus on your site idea. We are testing the concept of free open source community software for complete (site, sub-site setups) and partial (widgets, features) community and collaboration solutions for companies and individuals.

3. VULNERABILITY DESCRIPTION
Multiple parameters were not properly sanitized, which allows an attacker to conduct a Cross Site Scripting attack. This may allow an attacker to create a specially crafted URL that would execute arbitrary script code in a victim's browser.

4. VERSIONS AFFECTED
1.1.1 and lower

5. PROOF-OF-CONCE

[WhatWeb] 7 New Plugins

7 new WhatWeb plugins have been added. https://github.com/yehgdotnet/whatweb-plugins/tree/master/new-plugins

Tool Update: OWASP Joomla! Vulnerability Scanner

Our OWASP vulnerability scanner has been updated with the 200 vulnerability entries contributed by web-center.si team. Please svn up.

svn co https://joomscan.svn.sourceforge.net/svnroot/joomscan/trunk/ joomscan

Have fun securing your Joomla! CMS! As usual, send your contributions and bug reports to joomscan at yehg.net.

CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability (CVE-2012-0865)

1. OVERVIEW
The CubeCart 3.0.20 and lower versions are vulnerable to Open URL Redirection.

2. BACKGROUND
CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly set up a powerful online store which can be used to sell digital or tangible products to new and existing customers all over the world.

3. VULNERABILITY DESCRIPTION
The CubeCart 3.0.20 and lower versions contain a flaw that allows a remote cross site redirection attack. This flaw exists because the application does not properly sanitise the parameters "goto", "r" and "redir". This allows an attacker to create a specially crafted URL that, if clicked, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choice.

4. VERSIONS AFFECTED
3.0.20 and lower (aka 3.0.x family)

5. PROOF-OF-CONCEPT/EXP

Site Update: firewalkx tool

firewalkx

This is a pre-compiled ready-to-run Firewalk for BackTrack Distro. This is a fixed version for the famous Firewalk tool (http://packetstormsecurity.org/UNIX/audit/firewalk/) that couldn't be compiled on modern nix boxes due to compilation errors. Modified fixed source code included.

Download: http://code.google.com/p/firewalk/downloads/detail?name=%5Byehg.net%5DFirewallk-5.0-fixed.bz2&can=2&q=
Platform: BackTrack 5+ Distro
Language: C
SHA1: 1cbbfee94befda4935dfa8f3ea3320142ef429da

For those of you who are new to Firewalk: Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk project works by sending out UDP or TCP packets with a TTL one greater than the targeted gateway. If the gateway allows the traffic, it will forward the packets to the next hop where they will expire and elicit an ICMP_TIME_EXCEEDED message. If the gateway h

Site Update: Hacker Web Directory

The Hacker Web Directory has been updated with over 2133 distributed links (alternatively 2006 compact links). http://yehg.net/hwd/ As usual, sites may come and go. If your favourite links haven't been included, feel free to post them here as comments. Thanks for visiting.