Showing 1 - 16 of 16

Files from Vicente Aguilera Diaz

Email address	vaguilera at isecauditors.com
First Active	2006-03-02
Last Active	2015-10-16

Google Open Redirect: Posted Oct 16, 2015; Authored by Vicente Aguilera Diaz; The Google generic TLD and ccTLD suffer from an open redirection vulnerability.; tags | exploit; SHA-256 | 2efe35fa05f198a9263df0eeaaff4d6930be6f1b639a8d847a7ef850f3ddfac4; Download | Favorite | View

Boxcryptor Cross Site Scripting: Posted Feb 14, 2014; Authored by Vicente Aguilera Diaz; Boxcryptor.com suffered from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | aab48458247a4d57f3545b2250a6b9478315321df0e69c78e7b61de5f2d118d3; Download | Favorite | View

Atmail WebMail 7.0.2 Cross Site Scripting: Posted Feb 7, 2014; Authored by Vicente Aguilera Diaz; Atmail WebMail version 7.0.2 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2013-6229; SHA-256 | 23b2b53a8d67a1e32d07fc9e6327ecca13eddf018a35f4a70313e79d7dc615ec; Download | Favorite | View

Project'Or RIA 3.4.0 SQL Injection: Posted Nov 5, 2013; Authored by Vicente Aguilera Diaz; Project'Or RIA version 3.4.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2013-6164; SHA-256 | 994b42a23c4f6da7f39c572a3975c13a575414930eac772b4f02905a50d8c355; Download | Favorite | View

Project'Or RIA 3.4.0 Cross Site Scripting: Posted Nov 5, 2013; Authored by Vicente Aguilera Diaz; Project'Or RIA version 3.4.0 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2013-6163; SHA-256 | 4939ebe50ee1824f871a19246958da91b44eab3ea21fdd422e8494f230995c9a; Download | Favorite | View

Atmail WebMail 7.0.2 Cross Site Scripting: Posted Mar 27, 2013; Authored by Vicente Aguilera Diaz; Atmail WebMail versions 7.0.2 and below suffer from a reflective cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2013-2585; SHA-256 | ff5341ba2491f38ee1944030bf777bbf3463e21753cdd0caff3312068641c1b0; Download | Favorite | View

LinkedIn Cross Site Request Forgery: Posted Mar 25, 2013; Authored by Vicente Aguilera Diaz; LinkedIn suffers from a cross site request forgery vulnerability in the "Add Connections" invitation functionality.; tags | exploit, csrf; SHA-256 | c5b139a72bbd7b02ada9279c197de33ad532f99e9aef4a08b3dc7dd686b75a16; Download | Favorite | View

Oracle AS Portal 10.1.2 Cross Site Scripting: Posted May 2, 2011; Authored by Vicente Aguilera Diaz; Oracle AS Portal 10g version 10.1.2 suffers from cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 01be71d80b7fe81294b6d74a1e6891d5fdc895d42564fa1b40b6c153a2cb4167; Download | Favorite | View

Atmail WebMail Cross Site Scripting: Posted Sep 21, 2010; Authored by Vicente Aguilera Diaz; Atmail Webmail suffers from a cross site scripting vulnerability. Versions prior to 6.2.0 are affected.; tags | exploit, xss; SHA-256 | cb6f90aa2c4b5814e7f1cc5ff1519d4fa832cced07f124d15e44fbe5111fb627; Download | Favorite | View

Tuenti.com Insecure Direct Object Reference: Posted Sep 21, 2010; Authored by Vicente Aguilera Diaz; Tuenti.com suffers from an insecure direct object reference vulnerability allowing anyone to read arbitrary blog posts.; tags | exploit, arbitrary; SHA-256 | 6f39659cdbc856ac25c93f23092ab2733e4e5ea90e0c2c8f02eb97c48177fd45; Download | Favorite | View

Google Gmail Cross Site Request Forgery: Posted Mar 3, 2009; Authored by Vicente Aguilera Diaz; Google's GMail service is vulnerable to cross site request forgery vulnerabilities.; tags | exploit, vulnerability, csrf; SHA-256 | 5e81bd372f765d1aa6e08bbb3574bc02f3fffd59eb60cdad2600347d27ff9d55; Download | Favorite | View

oracle--isa-xss.txt: Posted Jan 20, 2007; Authored by Vicente Aguilera Diaz; The Oracle Reports Web Cartridge (RWCGI60) is susceptible to cross site scripting vulnerabilities.; tags | exploit, web, vulnerability, xss; SHA-256 | abb9e38652c696f842002f0085e4b520d7499222cd79a15df00e7c482b217a87; Download | Favorite | View

121106.pdf: Posted Dec 12, 2006; Authored by Vicente Aguilera Diaz | Site webappsec.org; The Web Application Security Consortium is proud to present 'MX Injection: Capturing and Exploiting Hidden Mail Servers'. This article discusses how an attacker can inject additional commands into an online web mail application communicating with an IMAP/SMTP server.; tags | paper, web, imap; SHA-256 | 94bd8b84698e67eb59003ab5d105584a50366e226a59e7e88a6db217ff2cff30; Download | Favorite | View

ISAA-2006-011.txt: Posted Dec 6, 2006; Authored by Vicente Aguilera Diaz; Improper command and information validation transmitted by Hastymail to the mail servers during the normal use of this application facilitates that an authenticated malicious user could inject arbitrary IMAP/SMTP commands into the mail servers used by Hastymail across parameters used by the webmail front-end in its communication with these mail servers. This vulnerability has been found in development version 1.5 and stable version 1.0.2.; tags | exploit, arbitrary, imap; SHA-256 | a3e1f1a44710237610d3100801340ec499b4ad76630080fc5ed1b6ef649d4782; Download | Favorite | View

ISAA-2006-010.txt: Posted Dec 6, 2006; Authored by Vicente Aguilera Diaz; ISMail version 2.0 is vulnerable to a cross site scripting attack.; tags | exploit, xss; SHA-256 | c0a92aa12c829c1e72c2441655b5e46a090475e777aaa52e446e0739ca20c876; Download | Favorite | View

SquirrelFlaws.txt: Posted Mar 2, 2006; Authored by Vicente Aguilera Diaz; SquirrelMail versions 1.4.5 and below suffer from an IMAP injection flaw. Versions 1.2.7 and below suffer from a SMTP injection flaw. Details provided.; tags | exploit, imap; advisories | CVE-2006-0377; SHA-256 | 14cc0b04e833bc5ee62ab6fe916d63fc4a302e2b75777de081e7a43462ff2d3f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days