what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

BananaDance Wiki b2.2 Cross Site Scripting / SQL Injection
Posted Nov 12, 2012
Authored by Katharina S.L., Vulnerability Laboratory | Site vulnerability-lab.com

BananaDance Wiki version b2.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 37ff3df19e6aaf91a7a828f64ebd039105f5fd56742cdbfbcbec3d46a36a9fc0

Related Files

MindTouch Deki Wiki 10.1.3 Local File Inclusion / Remote File Inclusion
Posted Aug 11, 2012
Authored by L0n3ly-H34rT

MindTouch Deki Wiki version 10.1.3 suffers from local file inclusion and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
SHA-256 | 1f4ca7a634bd64462aadf58174a71b966947d403044fd5518e0962fbeee6c17a
Secunia Security Advisory 49196
Posted Jul 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 47a76f37dddcb906d549b86ea166e660e939cb8fc5c91cf36d9e84456224bb63
Tiki Wiki <= 8.3 unserialize() PHP Code Execution
Posted Jul 6, 2012
Authored by EgiX, juan vazquez | Site metasploit.com

This Metasploit module exploits a php unserialize() vulnerability in Tiki Wiki <= 8.3 which could be abused to allow unauthenticated users to execute arbitrary code under the context of the webserver user. The dangerous unserialize() exists in the 'tiki-print_multi_pages.php' script, which is called with user controlled data from the 'printpages' parameter. The exploit abuses the __destruct() method from the Zend_Pdf_ElementFactory_Proxy class to write arbitrary PHP code to a file on the Tiki Wiki web directory. In order to run successfully three conditions must be satisfied (1) display_errors php setting must be On to disclose the filesystem path of Tiki Wiki, (2) The Tiki Wiki Multiprint feature must be enabled to exploit the unserialize() and (3) a php version older than 5.3.4 must be used to allow poison null bytes in filesystem related functions. The exploit has been tested successfully on Ubuntu 9.10 and Tiki Wiki 8.3.

tags | exploit, web, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2012-0911
SHA-256 | 04e6daabf6b6a5dba1b8fa576bc4f910b4df1c7b90652847142a832796744523
Tiki Wiki CMS Groupware 8.3 Code Execution
Posted Jul 4, 2012
Authored by EgiX

Tiki Wiki CMS Groupware versions 8.3 and below suffer from an unserialize() PHP code execution vulnerability.

tags | exploit, php, code execution
advisories | CVE-2012-0911
SHA-256 | 1131c8a6485c082585a271f33d7953e4f5c4c0779bc61c2352ed14fa8c3a700a
Wikiboat Automated Distributed Denial Of Service
Posted Jun 23, 2012
Authored by WizZ

This is the html code used for the Wikiboat automated distributed denial of service tool.

tags | denial of service
systems | linux
SHA-256 | 69387a4ae6f8a662b4fce340b25dca7da73b81267665ab3e88b9f91f4edb4dc4
Gentoo Linux Security Advisory 201206-09
Posted Jun 22, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-9 - Multiple vulnerabilities have been found in MediaWiki, the worst of which leading to remote execution of arbitrary code. Versions less than 1.18.2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-2787, CVE-2010-2788, CVE-2010-2789, CVE-2011-0003, CVE-2011-0047, CVE-2011-0537, CVE-2011-1579, CVE-2011-1580, CVE-2011-1766, CVE-2011-1766, CVE-2012-1578, CVE-2012-1579, CVE-2012-1580, CVE-2012-1581, CVE-2012-1582
SHA-256 | 2ae3bc72ec6a16c6837ec41edc36fb76dded93cd54de24920dc77b2d2a0cb4d6
Secunia Security Advisory 49484
Posted Jun 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 456ba7425881e8b57ec14caa266aff30694202c2b4228197de0785144ed1a06f
Secunia Security Advisory 49232
Posted May 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities has been reported in ikiwiki, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | d966a6be04dac70e70211ef292ac27896ec608691f3211d49a10228e953d9a8d
Secunia Security Advisory 49199
Posted May 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for ikiwiki. This fixes two vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 49c531e70a9499592a64cd1880710ed562e3b47013d2b35c15ed3ec894a1fbc9
Debian Security Advisory 2474-1
Posted May 17, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2474-1 - Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2012-0220
SHA-256 | a77c6364ff42f6e4ec36b1b89e3dd029f590700100d32902704980fbb69b522d
WikkaWiki 1.3.2 Spam Logging PHP Injection
Posted May 11, 2012
Authored by EgiX, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in WikkaWiki. When the spam logging feature is enabled, it is possible to inject PHP code into the spam log file via the UserAgent header, and then request it to execute our payload. There are at least three different ways to trigger spam protection, this module does so by generating 10 fake URLs in a comment (by default, the max_new_comment_urls parameter is 6). Please note that in order to use the injection, you must manually pick a page first that allows you to add a comment, and then set it as 'PAGE'.

tags | exploit, php
advisories | CVE-2011-4449, OSVDB-77391
SHA-256 | 979dd7941c1071466332c8564dba032aa510362e1fb22f874339cf269936c50e
DocuWiki 2012/01/25 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 18, 2012
Authored by IRCRASH, Khashayar Fereidani | Site ircrash.com

DocuWiki version 2012/01/25 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 65f9c5fa6df169096268a3322d42c2a804c57e0e191fa90806551a8ae0aba88b
Secunia Security Advisory 48848
Posted Apr 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Khashayar Fereidani has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 1fb33f2da39d64e6baefc0408ce47a7f6c0a455a7a9a24341b0b3184ee036607
Secunia Security Advisory 48638
Posted Apr 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sooraj K.S has discovered a vulnerability in JAMWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 547ef8aba02eb92eb63ad1c85eeff8de65325bb1b719e630f6dd299ad4d2fb0c
JAMWiki 1.1.4 Cross Site Scripting
Posted Mar 30, 2012
Authored by Sooraj K.S | Site secpod.com

JAMWiki version 1.1.4 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3a434a12f95e083d4e37bd69a090f4a82a49d407c4756262d732f4e0e3f3a399
Secunia Security Advisory 48504
Posted Mar 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in MediaWiki, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to disclose potentially sensitive information and conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
SHA-256 | 40cac0176262c31007d87ef3b3a701c2a6803731e804aab7bb85ec72bb643cd9
Wikidforum 2.10 Cross Site Scripting / SQL Injection
Posted Mar 12, 2012
Authored by Stefan Schurtz

Wikidforum version 2.10 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | fd71c519d26a290071368eb97558a826690b477e648a09a2181602c451e98048
Secunia Security Advisory 48109
Posted Feb 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sony has discovered a vulnerability in MoniWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 369ecc123ce83378a3976209246398880a3ee6b1a3c6e4b49cde9d3dfec667ab
Secunia Security Advisory 48102
Posted Feb 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sony has discovered a vulnerability in Tiki Wiki CMS/Groupware, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | b534a7a979b7a1b287caf7f3e7c713b5b23c682819b5264825cdb9ae067b1cb1
Wiki Spot Cross Site Scripting
Posted Feb 18, 2012
Authored by Sony

Wiki Spot suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4d2b2779ee8292f917098041a48c19cf8e54bd1d6439bb1e92a49ed8615e3b03
Tiki Wiki CMS Groupware Frame Injection
Posted Feb 18, 2012
Authored by Sony

Tiki Wiki CMS Groupware suffers from a frame inclusion vulnerability.

tags | exploit
SHA-256 | 05720d1da49c07e5b6c22ca7d008fc4d76b707bf99890daa696a95820a56dbda
MoniWiki Cross Site Scripting
Posted Feb 18, 2012
Authored by Sony

MoniWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 799d18c12ae2a2c3f0d81953eb3ec54b6c09726f6d2da8c50c5328adbd2d3a9b
AtWiki Cross Site Scripting
Posted Feb 17, 2012
Authored by Sony

AtWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6dbf7267b0c15f6b6589d7aa897b6c7090c0153ec2b7fb5c2d39479c077bb467
ButorWiki Cross Site Scripting
Posted Feb 17, 2012
Authored by Sony

ButorWiki version 3.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bda14c1fa1703b593fc2b9c3aafb3b0d9488efc4242e2f03752e57b754c128f7
JaWiki Cross Site Scripting
Posted Feb 17, 2012
Authored by Sony

JaWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7467a36a300624866ddd5674bfc5015c3582e4a62c16ba5506e7a9e544a0ca6d
Page 1 of 4
Back1234Next

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    13 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    31 Files
  • 8
    Mar 8th
    16 Files
  • 9
    Mar 9th
    13 Files
  • 10
    Mar 10th
    9 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    10 Files
  • 14
    Mar 14th
    6 Files
  • 15
    Mar 15th
    17 Files
  • 16
    Mar 16th
    22 Files
  • 17
    Mar 17th
    13 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    16 Files
  • 21
    Mar 21st
    13 Files
  • 22
    Mar 22nd
    5 Files
  • 23
    Mar 23rd
    6 Files
  • 24
    Mar 24th
    47 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close