Entries in Category ‘XSS’

View the txt advisory/exploit here.

>> #1
Vulnerability Type = XSS
Almost every parameter accepting user input is vulnerable. Examples:
members/login.php?username=[XSS]
members/signup.php?username=[XSS]
admin/userdetails.php?userId=[XSS]

>> Additional Information
When being installed, the Rad User Manager creates two accounts with default passwords:
Login: “admin” Password: “radmin”
Login: “user” Password: “radmin”

(Continue reading…)

I recently had the time to test Google’s Skipfish. It is a fully automated penetration testing tool and was just published some weeks ago. This little tutorial will show Debian/Ubuntu users how to install it and perform the first test. I. Introduction Tools like Nessus and Nmap are indispensable when it comes down to security [...]

(Continue reading…)

View the original advisory here. This is most probably the funniest advisory I ever published. I found some decent vulnerabilities within the code of the very popular counter “chCounter”. It is in fact a very cool counter. Simply implement the counter file into your website and view the stats in the admin backend. >> #1 [...]

(Continue reading…)

Please view the advisory here. The small guestbook “Sethi Family Guestbook” suffers from several XSS vulnerabilities. Please read the advisory for details.

(Continue reading…)

View the advisory here. The image gallery script “Auto-Img-Gallery” suffers from an XSS vulnerability. Furthermore, SQL injection might be possible since I got some SQL errors just by browsing through the script and playing around with the URI. Still need to find out if there is a way to exploit this.

(Continue reading…)

Please view the txt advisory here. The actually very nice guestbook “Guestbook PHP” suffers from an XSS vulnerability. The guestbook fails to properly sanitize the user input when a new entry is added. When HTML/JavaScript code is added, it gets displayed/parsed when the new entry was successfully submitted. Furthermore the code gets executed when [...]

(Continue reading…)

View the original advisory here.

>> Product information
Name = FlashCard
Vendor = tufat.com
Vendor Website = http://www.tufat.com/script9.htm
Affected Version(s) = Only tested with 2.6.5, other versions may also be affected

>> #1
Vulnerability Type = XSS
Example URI = flashcard/stateless/cPlayer.php?id=”><iframe src=http://www.google.de>

(Continue reading…)

Please view the original advisory here. The very popular download manager dl_stats suffers from various vulnerabilities. #1 SQL Injection #2 XSS #3 Unprotected Admin Panel The vendor seems to have rewritten the software, since version 2.0 dl_stats is no longer vulnerable to SQLI and XSS. But… 90 percent of the websites using dl_stats did NOT upgrade [...]

(Continue reading…)

Finally: Facebook fixed several XSS vulnerabilities. It was possible to redirect users (who type a specific search string into the search box) to external websites, steal their cookies etc. I wrote about it here. Sadly they ignored many vulnerabilities for a long time and didn’t even bother to reply to mails and security reports.

(Continue reading…)