exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from Vicente Aguilera Diaz

Email addressvaguilera at isecauditors.com
First Active2006-03-02
Last Active2015-10-16
Google Open Redirect
Posted Oct 16, 2015
Authored by Vicente Aguilera Diaz

The Google generic TLD and ccTLD suffer from an open redirection vulnerability.

tags | exploit
SHA-256 | 2efe35fa05f198a9263df0eeaaff4d6930be6f1b639a8d847a7ef850f3ddfac4
Boxcryptor Cross Site Scripting
Posted Feb 14, 2014
Authored by Vicente Aguilera Diaz

Boxcryptor.com suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | aab48458247a4d57f3545b2250a6b9478315321df0e69c78e7b61de5f2d118d3
Atmail WebMail 7.0.2 Cross Site Scripting
Posted Feb 7, 2014
Authored by Vicente Aguilera Diaz

Atmail WebMail version 7.0.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-6229
SHA-256 | 23b2b53a8d67a1e32d07fc9e6327ecca13eddf018a35f4a70313e79d7dc615ec
Project'Or RIA 3.4.0 SQL Injection
Posted Nov 5, 2013
Authored by Vicente Aguilera Diaz

Project'Or RIA version 3.4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-6164
SHA-256 | 994b42a23c4f6da7f39c572a3975c13a575414930eac772b4f02905a50d8c355
Project'Or RIA 3.4.0 Cross Site Scripting
Posted Nov 5, 2013
Authored by Vicente Aguilera Diaz

Project'Or RIA version 3.4.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-6163
SHA-256 | 4939ebe50ee1824f871a19246958da91b44eab3ea21fdd422e8494f230995c9a
Atmail WebMail 7.0.2 Cross Site Scripting
Posted Mar 27, 2013
Authored by Vicente Aguilera Diaz

Atmail WebMail versions 7.0.2 and below suffer from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-2585
SHA-256 | ff5341ba2491f38ee1944030bf777bbf3463e21753cdd0caff3312068641c1b0
LinkedIn Cross Site Request Forgery
Posted Mar 25, 2013
Authored by Vicente Aguilera Diaz

LinkedIn suffers from a cross site request forgery vulnerability in the "Add Connections" invitation functionality.

tags | exploit, csrf
SHA-256 | c5b139a72bbd7b02ada9279c197de33ad532f99e9aef4a08b3dc7dd686b75a16
Oracle AS Portal 10.1.2 Cross Site Scripting
Posted May 2, 2011
Authored by Vicente Aguilera Diaz

Oracle AS Portal 10g version 10.1.2 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 01be71d80b7fe81294b6d74a1e6891d5fdc895d42564fa1b40b6c153a2cb4167
Atmail WebMail Cross Site Scripting
Posted Sep 21, 2010
Authored by Vicente Aguilera Diaz

Atmail Webmail suffers from a cross site scripting vulnerability. Versions prior to 6.2.0 are affected.

tags | exploit, xss
SHA-256 | cb6f90aa2c4b5814e7f1cc5ff1519d4fa832cced07f124d15e44fbe5111fb627
Tuenti.com Insecure Direct Object Reference
Posted Sep 21, 2010
Authored by Vicente Aguilera Diaz

Tuenti.com suffers from an insecure direct object reference vulnerability allowing anyone to read arbitrary blog posts.

tags | exploit, arbitrary
SHA-256 | 6f39659cdbc856ac25c93f23092ab2733e4e5ea90e0c2c8f02eb97c48177fd45
Google Gmail Cross Site Request Forgery
Posted Mar 3, 2009
Authored by Vicente Aguilera Diaz

Google's GMail service is vulnerable to cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 5e81bd372f765d1aa6e08bbb3574bc02f3fffd59eb60cdad2600347d27ff9d55
oracle--isa-xss.txt
Posted Jan 20, 2007
Authored by Vicente Aguilera Diaz

The Oracle Reports Web Cartridge (RWCGI60) is susceptible to cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
SHA-256 | abb9e38652c696f842002f0085e4b520d7499222cd79a15df00e7c482b217a87
121106.pdf
Posted Dec 12, 2006
Authored by Vicente Aguilera Diaz | Site webappsec.org

The Web Application Security Consortium is proud to present 'MX Injection: Capturing and Exploiting Hidden Mail Servers'. This article discusses how an attacker can inject additional commands into an online web mail application communicating with an IMAP/SMTP server.

tags | paper, web, imap
SHA-256 | 94bd8b84698e67eb59003ab5d105584a50366e226a59e7e88a6db217ff2cff30
ISAA-2006-011.txt
Posted Dec 6, 2006
Authored by Vicente Aguilera Diaz

Improper command and information validation transmitted by Hastymail to the mail servers during the normal use of this application facilitates that an authenticated malicious user could inject arbitrary IMAP/SMTP commands into the mail servers used by Hastymail across parameters used by the webmail front-end in its communication with these mail servers. This vulnerability has been found in development version 1.5 and stable version 1.0.2.

tags | exploit, arbitrary, imap
SHA-256 | a3e1f1a44710237610d3100801340ec499b4ad76630080fc5ed1b6ef649d4782
ISAA-2006-010.txt
Posted Dec 6, 2006
Authored by Vicente Aguilera Diaz

ISMail version 2.0 is vulnerable to a cross site scripting attack.

tags | exploit, xss
SHA-256 | c0a92aa12c829c1e72c2441655b5e46a090475e777aaa52e446e0739ca20c876
SquirrelFlaws.txt
Posted Mar 2, 2006
Authored by Vicente Aguilera Diaz

SquirrelMail versions 1.4.5 and below suffer from an IMAP injection flaw. Versions 1.2.7 and below suffer from a SMTP injection flaw. Details provided.

tags | exploit, imap
advisories | CVE-2006-0377
SHA-256 | 14cc0b04e833bc5ee62ab6fe916d63fc4a302e2b75777de081e7a43462ff2d3f
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close