jetlib.sec » Tags » search

Feeds

133445 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

137 items tagged "search"

Related tags: search version [+], cross [+], sql injection [+], search plugin [+], wordpress [+], network [+], bing [+], vbulletin [+], sql [+], search path [+], proof of concept [+], privilege escalation vulnerability [+], local privilege escalation [+], ghostscript [+], vulnerability [+], video [+], seizure [+], search result [+], privacy event [+], mp3 search engine [+], mobile mp3 [+], mobile [+], linux [+], hijacking [+], file search [+], file [+], encoding [+], effective [+], drupal [+], brown rob ragan [+], authors [+], zoom [+], zerboard [+], yolink [+], whois search [+], whois [+], tyler [+], siche [+], search ui [+], search queries [+], search parameter [+], search network [+], search module [+], search engine builder [+], search api [+], search and seizure [+], search activity [+], ragan [+], phpmyadmin [+], paydutchgroup [+], network search engine [+], nasty creature [+], multisite [+], malicious users [+], malicious user [+], job search [+], job [+], jaydeonline [+], image search engine [+], image [+], goblin [+], gggooglescan [+], expression search [+], expression [+], exploits [+], dns servers [+], dns queries [+], dns [+], direct access [+], destination search [+], destination [+], database search [+], database [+], conduit [+], com [+], builder [+], boomge [+], babylon [+], automatic search [+], audio [+], api [+], access [+], x86 linux [+], user [+], slides [+], shellcode [+], searchlog [+], search functionality [+], search field [+], pitchford [+], php files [+], perfect [+], module [+], kleinanzeigenmarkt [+], key tags [+], intelligence [+], handcuffs [+], google cache [+], files search [+], field [+], component search [+], code [+], cache [+], bible search [+], bible [+], arbitrary html [+], apple safari [+], cross site scripting [+], engine [+], xss [+], xenon lamp [+], xenon arc lamp [+], xenon [+], world war ii [+], woc [+], webedition [+], warns [+], virtual interface [+], viewvc [+], video search [+], usa [+], untrusted [+], typo [+], tax [+], steve dunker [+], stack overflow [+], spotify [+], sophos [+], softwares [+], social engineering [+], serveur web [+], serves [+], security researchers [+], security centre [+], security [+], search warrants [+], search traffic [+], search page [+], search extension [+], search engines [+], search engine script [+], search engine php [+], search engine optimisation [+], search data [+], search command [+], search bible [+], scrutinise [+], script v1 [+], script sql [+], script [+], safari search [+], revou [+], result [+], researchers [+], remote [+], regular expression [+], quot [+], python script [+], python [+], portal search [+], portal [+], plugin [+], pirate web [+], phpmyfaq [+], php sql [+], php nuke [+], path [+], paris [+], page [+], news [+], nbsp [+], multiple [+], ms security [+], mercury [+], memory exhaustion [+], manu [+], lord [+], list [+], library search path [+], library [+], lamp [+], knowledge base [+], joomla [+], jim rennie [+], jevents [+], isps [+], ip search [+], information intelligence [+], information [+], imapd [+], huge list [+], hosts [+], hostnames [+], holders [+], history search [+], history [+], hijack [+], health tax [+], health [+], hacks [+], hacking search [+], hackers [+], hacker [+], guide [+], government search engine [+], government [+], google search [+], glsa [+], global search [+], global [+], func [+], fbi [+], explained [+], eric rachner [+], engine crawler [+], edgephp [+], ecshop [+], dunker [+], dorkmaster [+], disclosure [+], denial of service [+], demand [+], debutant [+], day [+], cruxcms [+], crackdown [+], content types [+], consulting [+], cobrascripts [+], classic [+], chans [+], centre search [+], centre [+], canoy [+], blog [+], ben krasnow [+], bat signal [+], auth [+], audio search [+], asp [+], arcade [+], arbitrary code execution [+], arbitrary [+], apartmen [+], a blog [+], Software [+], Espace [+], google [+], search engine [+], php [+]

• May 23, 2012
• 6:55

  Drupal Search API 7.x Cross Site Scripting

   » ‎ Packet Storm Security Advisories
  Drupal Search API third party module version 7.x suffers from a cross site scripting vulnerability.

  Tags:  drupal search api search-api cross-site-scripting vulnerability  

• 6:55

  Drupal Search API 7.x Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Drupal Search API third party module version 7.x suffers from a cross site scripting vulnerability.

  Tags:  drupal search api search-api cross-site-scripting vulnerability  

• 6:55

  Drupal Search API 7.x Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Drupal Search API third party module version 7.x suffers from a cross site scripting vulnerability.

  Tags:  drupal search api search-api cross-site-scripting vulnerability  

• April 15, 2012
• 11:22

  Siche Search 0.5 Zerboard Cross Site Scripting / SQL Injection

   » ‎ Packet Storm Security Exploits
  Siche Search version 0.5 Zerboard suffers from cross site scripting and remote SQL injection vulnerabilities.

  Tags:  zerboard siche search search-version  

• 11:22

  Siche Search 0.5 Zerboard Cross Site Scripting / SQL Injection

   » ‎ Packet Storm Security Recent Files
  Siche Search version 0.5 Zerboard suffers from cross site scripting and remote SQL injection vulnerabilities.

  Tags:  zerboard siche search search-version  

• 11:22

  Siche Search 0.5 Zerboard Cross Site Scripting / SQL Injection

   » ‎ Packet Storm Security Misc. Files
  Siche Search version 0.5 Zerboard suffers from cross site scripting and remote SQL injection vulnerabilities.

  Tags:  zerboard siche search search-version  

• March 23, 2012
• 15:00

  [local exploits] - Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [local exploits] - Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit

  Tags:  spotify func search memory-exhaustion exploits  

• March 14, 2012
• 2:22

  Drupal 7.x Search Module Path Disclosure

   » ‎ Packet Storm Security Exploits
  The Search module in Drupal version 7.x suffers from a path disclosure vulnerability.

  Tags:  module drupal search search-module vulnerability disclosure  

• March 07, 2012
• 15:29

  Drupal UC PayDutchGroup / WeDeal Payment / Multisite Search Disclosure

   » ‎ Packet Storm Security Advisories
  UC PayDutchGroup / WeDeal payment integrates the PayDutchGroup / WeDeal payment gateway with Ubercart. The module exposes account credentials for the store's PayDutchGroup account under certain circumstances allowing a malicious user to login to the PayDutchGroup site as the store owner and manage the store owner's account. The vulnerability is mitigated by an attacker needing to gain an account with the ability to checkout of the store. Multisite Search allows you to index and search content from all sites in a Multisite configuration. The module doesn't sufficiently escape user input when constructing queries. The vulnerability is mitigated by the fact that in order to execute arbitrary sql injection malicious users must have the ability to administer multisite search.

  Tags:  paydutchgroup multisite search malicious-users malicious-user sql-injection  

• 15:29

  Drupal UC PayDutchGroup / WeDeal Payment / Multisite Search Disclosure

   » ‎ Packet Storm Security Recent Files
  UC PayDutchGroup / WeDeal payment integrates the PayDutchGroup / WeDeal payment gateway with Ubercart. The module exposes account credentials for the store's PayDutchGroup account under certain circumstances allowing a malicious user to login to the PayDutchGroup site as the store owner and manage the store owner's account. The vulnerability is mitigated by an attacker needing to gain an account with the ability to checkout of the store. Multisite Search allows you to index and search content from all sites in a Multisite configuration. The module doesn't sufficiently escape user input when constructing queries. The vulnerability is mitigated by the fact that in order to execute arbitrary sql injection malicious users must have the ability to administer multisite search.

  Tags:  paydutchgroup multisite search malicious-users malicious-user sql-injection  

• 15:29

  Drupal UC PayDutchGroup / WeDeal Payment / Multisite Search Disclosure

   » ‎ Packet Storm Security Misc. Files
  UC PayDutchGroup / WeDeal payment integrates the PayDutchGroup / WeDeal payment gateway with Ubercart. The module exposes account credentials for the store's PayDutchGroup account under certain circumstances allowing a malicious user to login to the PayDutchGroup site as the store owner and manage the store owner's account. The vulnerability is mitigated by an attacker needing to gain an account with the ability to checkout of the store. Multisite Search allows you to index and search content from all sites in a Multisite configuration. The module doesn't sufficiently escape user input when constructing queries. The vulnerability is mitigated by the fact that in order to execute arbitrary sql injection malicious users must have the ability to administer multisite search.

  Tags:  paydutchgroup multisite search malicious-users malicious-user sql-injection  

• February 24, 2012
• 9:00

  Bugtraq: Mobile Mp3 Search Engine HTTP Response Splitting

   » ‎ SecurityFocus Vulnerabilities
  Mobile Mp3 Search Engine HTTP Response Splitting

  Tags:  engine mobile search mp3-search-engine mobile-mp3  

• February 23, 2012
• 21:58

  Mobile MP3 Search Engine 2.0 HTTP Response Splitting

   » ‎ Packet Storm Security Exploits
  Mobile MP3 Search Engine version 2.0 suffers from a HTTP response splitting vulnerability.

  Tags:  engine mobile search mp3-search-engine mobile-mp3 vulnerability  

• 21:58

  Mobile MP3 Search Engine 2.0 HTTP Response Splitting

   » ‎ Packet Storm Security Recent Files
  Mobile MP3 Search Engine version 2.0 suffers from a HTTP response splitting vulnerability.

  Tags:  engine mobile search mp3-search-engine mobile-mp3 vulnerability  

• 21:58

  Mobile MP3 Search Engine 2.0 HTTP Response Splitting

   » ‎ Packet Storm Security Misc. Files
  Mobile MP3 Search Engine version 2.0 suffers from a HTTP response splitting vulnerability.

  Tags:  engine mobile search mp3-search-engine mobile-mp3 vulnerability  

• February 20, 2012
• 2:11

  Search Engine Builder Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Search Engine Builder suffers from a cross site scripting vulnerability.

  Tags:  engine builder search search-engine-builder cross-site-scripting vulnerability  

• 2:11

  Search Engine Builder Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Search Engine Builder suffers from a cross site scripting vulnerability.

  Tags:  engine builder search search-engine-builder cross-site-scripting vulnerability  

• 2:11

  Search Engine Builder Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Search Engine Builder suffers from a cross site scripting vulnerability.

  Tags:  engine builder search search-engine-builder cross-site-scripting vulnerability  

• February 19, 2012
• 6:22

  Boomge Search Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Boomge Search suffers from a cross site scripting vulnerability.

  Tags:  cross boomge search cross-site-scripting vulnerability  

• 6:22

  Boomge Search Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Boomge Search suffers from a cross site scripting vulnerability.

  Tags:  cross boomge search cross-site-scripting vulnerability  

• 6:22

  Boomge Search Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Boomge Search suffers from a cross site scripting vulnerability.

  Tags:  cross boomge search cross-site-scripting vulnerability  

• February 16, 2012
• 21:49

  [Slides] The Hacker’s Guide to Search and Arrest

   » ‎ SecDocs
  Authors: Steve Dunker
  Tags: social social engineering
  Event: DEFCON 13
  

  Tags:  hacker guide search steve-dunker dunker social-engineering slides  

• 0:00

  Vuln: TYPO3 Yet another Google search Extension Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  TYPO3 Yet another Google search Extension Cross Site Scripting Vulnerability

  Tags:  google typo search google-search search-extension  

• February 06, 2012
• 0:00

  Vuln: Ghostscript CVE-2010-4820 Library Search Path Local Privilege Escalation Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Ghostscript CVE-2010-4820 Library Search Path Local Privilege Escalation Vulnerability

  Tags:  ghostscript library search library-search-path privilege-escalation-vulnerability local-privilege-escalation  

• February 03, 2012
• 16:06

  Conduit Image Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Conduit Image Search Engine suffers from a cross site scripting vulnerability.

  Tags:  conduit image search image-search-engine cross-site-scripting vulnerability  

• 16:06

  Conduit Image Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Conduit Image Search Engine suffers from a cross site scripting vulnerability.

  Tags:  conduit image search image-search-engine cross-site-scripting vulnerability  

• 16:06

  Conduit Image Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Conduit Image Search Engine suffers from a cross site scripting vulnerability.

  Tags:  conduit image search image-search-engine cross-site-scripting vulnerability  

• January 30, 2012
• 21:36

  Rights Holders Demand Search Engines Delist 'Pirate' Web Sites

   » ‎ Packet Storm Security Headlines
  Rights Holders Demand Search Engines Delist 'Pirate' Web Sites

  Tags:  holders demand search pirate-web search-engines  

• January 25, 2012
• 14:00

  [linux/x86] - linux/x86 Search (*.php) and Inject PHP_BACKD00R

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [linux/x86] - linux/x86 Search (*.php) and Inject PHP_BACKD00R

  Tags:  linux php search x86-linux  

• January 17, 2012
• 17:07

  Linux Search Shellcode

   » ‎ Packet Storm Security Recent Files
  This shellcode writes down your code in the end of found files. Your code will be added only .html and .php files. Search for files is carried out recursively.

  Tags:  code shellcode search files-search php-files linux  

• 17:07

  Linux Search Shellcode

   » ‎ Packet Storm Security Misc. Files
  This shellcode writes down your code in the end of found files. Your code will be added only .html and .php files. Search for files is carried out recursively.

  Tags:  code shellcode search files-search php-files linux  

• 14:00

  [linux/x86] - linux/x86 Search For php,html Writable Files and Add Your Code

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [linux/x86] - linux/x86 Search For php,html Writable Files and Add Your Code

  Tags:  linux php search x86-linux  

• December 31, 2011
• 6:04

  WordPress Whois Search Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  The WordPress Whois Search plugin suffers from a cross site scripting vulnerability.

  Tags:  whois wordpress search whois-search cross-site-scripting search-plugin  

• 6:04

  WordPress Whois Search Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  The WordPress Whois Search plugin suffers from a cross site scripting vulnerability.

  Tags:  whois wordpress search whois-search cross-site-scripting search-plugin  

• 6:04

  WordPress Whois Search Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  The WordPress Whois Search plugin suffers from a cross site scripting vulnerability.

  Tags:  whois wordpress search whois-search cross-site-scripting search-plugin  

• December 30, 2011
• 17:38

  Zoom Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Zoom Search Engine suffers from a cross site scripting vulnerability.

  Tags:  engine zoom search vulnerability search-engine  

• 17:38

  Zoom Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Zoom Search Engine suffers from a cross site scripting vulnerability.

  Tags:  engine zoom search vulnerability search-engine  

• 17:38

  Zoom Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Zoom Search Engine suffers from a cross site scripting vulnerability.

  Tags:  engine zoom search vulnerability search-engine  

• December 11, 2011
• 15:34

  Babylon Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  The search engine at search.babylon.com suffers from a reflective cross site scripting vulnerability.

  Tags:  babylon cross search vulnerability search-engine  

• 15:34

  Babylon Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  The search engine at search.babylon.com suffers from a reflective cross site scripting vulnerability.

  Tags:  babylon cross search vulnerability search-engine  

• 15:34

  Babylon Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  The search engine at search.babylon.com suffers from a reflective cross site scripting vulnerability.

  Tags:  babylon cross search vulnerability search-engine  

• November 28, 2011
• 14:00

  [local exploits] - Mercury 32 v4.52 IMAPD SEARCH command Post-Auth Stack Overflow

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [local exploits] - Mercury 32 v4.52 IMAPD SEARCH command Post-Auth Stack Overflow

  Tags:  mercury search imapd stack-overflow search-command exploits  

• November 05, 2011
• 5:18

  DNS Goblin Search Utility

   » ‎ Packet Storm Security Recent Files
  DNS Goblin is a nasty creature that searches for DNS servers. It uses DNS queries and waits for replies.

  Tags:  dns goblin search dns-queries nasty-creature dns-servers  

• 5:18

  DNS Goblin Search Utility

   » ‎ Packet Storm Security Tools
  DNS Goblin is a nasty creature that searches for DNS servers. It uses DNS queries and waits for replies.

  Tags:  dns goblin search dns-queries nasty-creature dns-servers  

• 5:18

  DNS Goblin Search Utility

   » ‎ Packet Storm Security Misc. Files
  DNS Goblin is a nasty creature that searches for DNS servers. It uses DNS queries and waits for replies.

  Tags:  dns goblin search dns-queries nasty-creature dns-servers  

• November 04, 2011
• 0:00

  Vuln: Joomla! 'com_searchlog' Component 'search' Parameter SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Joomla! 'com_searchlog' Component 'search' Parameter SQL Injection Vulnerability

  Tags:  search com searchlog component-search search-parameter vulnerability  

• October 12, 2011
• 19:19

  Destination Search 4.0 Access Bypass

   » ‎ Packet Storm Security Exploits
  Destination Search version 4.0 suffers from a direct access administrative console access control bypass vulnerability.

  Tags:  destination access search destination-search search-version direct-access  

• 19:19

  Destination Search 4.0 Access Bypass

   » ‎ Packet Storm Security Recent Files
  Destination Search version 4.0 suffers from a direct access administrative console access control bypass vulnerability.

  Tags:  destination access search destination-search search-version direct-access  

• 19:19

  Destination Search 4.0 Access Bypass

   » ‎ Packet Storm Security Misc. Files
  Destination Search version 4.0 suffers from a direct access administrative console access control bypass vulnerability.

  Tags:  destination access search destination-search search-version direct-access  

• September 28, 2011
• 0:00

  Vuln: Multisite Global Search Plugin 'mssearch' Parameter Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Multisite Global Search Plugin 'mssearch' Parameter Cross Site Scripting Vulnerability

  Tags:  global plugin search global-search search-plugin cross-site-scripting  

• September 20, 2011
• 12:03

  [Slides] Lord of the Bing: Taking back search engine hacking from Google and Bing

   » ‎ SecDocs
  Authors: Francis Brown Rob Ragan
  Tags: intelligence
  Event: Black Hat USA 2010
  Abstract: During World War II the CIA created a special information intelligence unit to exploit information gathered from openly available sources. One classic example of the team’s resourcefulness was the ability to determine whether Allied forces had successfully bombed bridges leading into Paris based on increasing orange prices. Since then OSINT sources have surged in number and diversity, but none can compare to the wealth of information provided by the Internet. Attackers have been clever enough in the past to take advantage of search engines to filter this information to identify vulnerabilities. However, current search hacking techniques have been stymied by search provider efforts to curb this type of behavior. Not anymore - our demonstration-heavy presentation picks up the subtle art of search engine hacking at the current state and discusses why these techniques fail. We will then reveal several new search engine hacking techniques that have resulted in remarkable breakthroughs against both Google and Bing. Come ready to engage with us as we release two new tools, GoogleDiggity and BingDiggity, which take full advantage of the new hacking techniques. We’ll also be releasing the first ever “live vulnerability feed”, which will quickly become the new standard on how to detect and protect yourself against these types of attacks. This presentation will change the way you've previously thought about search engine hacking, so put on your helmets. We don't want a mess when we blow your minds.

  Tags:  engine search information bing authors brown-rob-ragan paris usa information-intelligence world-war-ii  

• August 30, 2011
• 18:37

  WordPress Yolink Search 1.1.4 SQL Injection

   » ‎ Packet Storm Security Exploits
  WordPress Yolink Search plugin versions 1.1.4 and below suffer from a remote SQL injection vulnerability.

  Tags:  wordpress yolink search search-plugin vulnerability  

• 18:37

  WordPress Yolink Search 1.1.4 SQL Injection

   » ‎ Packet Storm Security Recent Files
  WordPress Yolink Search plugin versions 1.1.4 and below suffer from a remote SQL injection vulnerability.

  Tags:  wordpress yolink search search-plugin vulnerability  

• 18:37

  WordPress Yolink Search 1.1.4 SQL Injection

   » ‎ Packet Storm Security Misc. Files
  WordPress Yolink Search plugin versions 1.1.4 and below suffer from a remote SQL injection vulnerability.

  Tags:  wordpress yolink search search-plugin vulnerability  

• August 10, 2011
• 20:46

  Network Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Network Search Engine suffers from a cross site scripting vulnerability.

  Tags:  engine network search network-search-engine cross-site-scripting vulnerability  

• 20:46

  Network Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Network Search Engine suffers from a cross site scripting vulnerability.

  Tags:  engine network search network-search-engine cross-site-scripting vulnerability  

• 20:46

  Network Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Network Search Engine suffers from a cross site scripting vulnerability.

  Tags:  engine network search network-search-engine cross-site-scripting vulnerability  

• August 07, 2011
• 10:11

  Search Network 2.0 Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Search Network version 2.0 suffers from a cross site scripting vulnerability.

  Tags:  cross network search search-network vulnerability  

• 10:11

  Search Network 2.0 Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Search Network version 2.0 suffers from a cross site scripting vulnerability.

  Tags:  cross network search search-network vulnerability  

• 10:11

  Search Network 2.0 Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Search Network version 2.0 suffers from a cross site scripting vulnerability.

  Tags:  cross network search search-network vulnerability  

• August 05, 2011
• 8:50

  Big US ISPs Hijack Search Traffic

   » ‎ Packet Storm Security Headlines
  Big US ISPs Hijack Search Traffic

  Tags:  hijack isps search search-traffic  

• July 28, 2011
• 12:01

  Bugtraq: WOC Consulting (search_result.php?cid) Remote SQL injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  WOC Consulting (search_result.php?cid) Remote SQL injection Vulnerability

  Tags:  woc search consulting sql-injection vulnerability search-result  

• 12:00

  Bugtraq: Canoy Softwares (search_result.php?loc_id) Remote SQL injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Canoy Softwares (search_result.php?loc_id) Remote SQL injection Vulnerability

  Tags:  canoy search softwares sql-injection vulnerability search-result  

• July 25, 2011
• 9:00

  Bugtraq: CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability

  Tags:  cobrascripts search result sql-injection vulnerability search-result  

• July 20, 2011
• 17:42

  vBulletin Search UI SQL Injection

   » ‎ Packet Storm Security Exploits
  vBulletin suffers from a Search UI remote SQL injection vulnerability. Proof of concept code included.

  Tags:  sql search vbulletin search-ui proof-of-concept vulnerability  

• 17:42

  vBulletin Search UI SQL Injection

   » ‎ Packet Storm Security Recent Files
  vBulletin suffers from a Search UI remote SQL injection vulnerability. Proof of concept code included.

  Tags:  sql search vbulletin search-ui proof-of-concept vulnerability  

• 17:42

  vBulletin Search UI SQL Injection

   » ‎ Packet Storm Security Misc. Files
  vBulletin suffers from a Search UI remote SQL injection vulnerability. Proof of concept code included.

  Tags:  sql search vbulletin search-ui proof-of-concept vulnerability  

• July 14, 2011
• 22:30

  JaydeOnline Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  JaydeOnline Search Engine suffers from a cross site scripting vulnerability.

  Tags:  engine jaydeonline search cross-site-scripting vulnerability search-engine  

• 22:30

  JaydeOnline Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  JaydeOnline Search Engine suffers from a cross site scripting vulnerability.

  Tags:  engine jaydeonline search cross-site-scripting vulnerability search-engine  

• 22:30

  JaydeOnline Search Engine Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  JaydeOnline Search Engine suffers from a cross site scripting vulnerability.

  Tags:  engine jaydeonline search cross-site-scripting vulnerability search-engine  

• July 11, 2011
• 7:05

  MS Security Centre Search Poisoned With Infectious Smut

   » ‎ Packet Storm Security Headlines
  MS Security Centre Search Poisoned With Infectious Smut

  Tags:  centre search security centre-search ms-security security-centre  

• July 06, 2011
• 21:00

  [local exploits] - Effective File Search v6.7 DLL Hijacking Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [local exploits] - Effective File Search v6.7 DLL Hijacking Exploit

  Tags:  effective file search file-search hijacking exploits  

• 18:28

  Effective File Search 6.7 DLL Hijack

   » ‎ Packet Storm Security Exploits
  Effective File Search version 6.7 suffers from a DLL hijacking vulnerability.

  Tags:  effective file search search-version file-search hijacking  

• 18:28

  Effective File Search 6.7 DLL Hijack

   » ‎ Packet Storm Security Recent Files
  Effective File Search version 6.7 suffers from a DLL hijacking vulnerability.

  Tags:  effective file search search-version file-search hijacking  

• 18:28

  Effective File Search 6.7 DLL Hijack

   » ‎ Packet Storm Security Misc. Files
  Effective File Search version 6.7 suffers from a DLL hijacking vulnerability.

  Tags:  effective file search search-version file-search hijacking  

• May 23, 2011
• 0:00

  Vuln: Multiple vBulletin Products 'Search Multiple Content Types' SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Multiple vBulletin Products 'Search Multiple Content Types' SQL Injection Vulnerability

  Tags:  multiple search vbulletin content-types vulnerability  

• May 20, 2011
• 21:00

  [webapps / 0day] - vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability

  Tags:  day search vbulletin vulnerability  

• May 11, 2011
• 17:50

  GGGooglescan 0.4

   » ‎ Packet Storm Security Recent Files
  GGGooglescan is a Google scraper which performs automated searches and returns results of search queries in the form of URLs or hostnames. Datamining Google's search index is useful for many applications. Despite this, Google makes it difficult for researchers to perform automatic search queries. The aim of GGGooglescan is to make automated searches possible by avoiding the search activity that is detected as bot behavior.

  Tags:  gggooglescan google search search-queries search-activity automatic-search  

• 17:50

  GGGooglescan 0.4

   » ‎ Packet Storm Security Tools
  GGGooglescan is a Google scraper which performs automated searches and returns results of search queries in the form of URLs or hostnames. Datamining Google's search index is useful for many applications. Despite this, Google makes it difficult for researchers to perform automatic search queries. The aim of GGGooglescan is to make automated searches possible by avoiding the search activity that is detected as bot behavior.

  Tags:  gggooglescan google search search-queries search-activity automatic-search  

• 17:50

  GGGooglescan 0.4

   » ‎ Packet Storm Security Misc. Files
  GGGooglescan is a Google scraper which performs automated searches and returns results of search queries in the form of URLs or hostnames. Datamining Google's search index is useful for many applications. Despite this, Google makes it difficult for researchers to perform automatic search queries. The aim of GGGooglescan is to make automated searches possible by avoiding the search activity that is detected as bot behavior.

  Tags:  gggooglescan google search search-queries search-activity automatic-search  

• March 20, 2011
• 22:25

  [Video] Search & Seizure & Golfballs

   » ‎ SecDocs
  Authors: Eric Rachner Jim Rennie
  Tags: law privacy
  Event: DEFCON 18
  

  Tags:  video search seizure jim-rennie eric-rachner privacy-event video-search  

• 2:49

  [Video] Lord of the Bing: Taking Back Search Engine Hacking from Google and Bing

   » ‎ SecDocs
  Authors: Francis Brown Rob Ragan
  Tags: intelligence search engine
  Event: DEFCON 18
  

  Tags:  video engine search bing authors brown-rob-ragan google ragan intelligence  

• 2:39

  [Slides] Lord of the Bing: Taking Back Search Engine Hacking from Google and Bing

   » ‎ SecDocs
  Authors: Francis Brown Rob Ragan
  Tags: intelligence search engine
  Event: DEFCON 18
  

  Tags:  engine lord search bing authors brown-rob-ragan google ragan slides  

• 2:37

  [Audio] Lord of the Bing: Taking Back Search Engine Hacking from Google and Bing

   » ‎ SecDocs
  Authors: Francis Brown Rob Ragan
  Tags: intelligence search engine
  Event: DEFCON 18
  

  Tags:  engine audio search bing authors brown-rob-ragan google ragan intelligence  

• February 21, 2011
• 0:00

  Vuln: phpMyAdmin Database Search Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  phpMyAdmin Database Search Cross Site Scripting Vulnerability

  Tags:  phpmyadmin database search cross-site-scripting database-search vulnerability  

• February 02, 2011
• 21:25

  [Audio] The Search for Perfect Handcuffs... and the Perfect Handcuff Key

   » ‎ SecDocs
  Tags: lockpicking
  Event: DEFCON 18
  

  Tags:  audio search perfect key-tags handcuffs  

• 21:25

  [Video] The Search for Perfect Handcuffs... and the Perfect Handcuff Key

   » ‎ SecDocs
  Tags: lockpicking
  Event: DEFCON 18
  

  Tags:  video search perfect key-tags handcuffs  

• January 27, 2011
• 17:15

  FBI Serves 40 Search Warrants In Anonymous Crackdown

   » ‎ Packet Storm Security Headlines
  FBI Serves 40 Search Warrants In Anonymous Crackdown

  Tags:  serves search fbi search-warrants crackdown  

• January 12, 2011
• 0:00

  Vuln: PHP-Nuke Search Module Cross-Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  PHP-Nuke Search Module Cross-Site Scripting Vulnerability

  Tags:  module php-nuke search search-module vulnerability  

• December 31, 2010
• 0:00

  Vuln: phpMyAdmin Database Search Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  phpMyAdmin Database Search Cross Site Scripting Vulnerability

  Tags:  phpmyadmin database search cross-site-scripting database-search vulnerability  

• December 17, 2010
• 16:39

  Google Search Warns Of Compromised Sites

   » ‎ Packet Storm Security Headlines
  Google Search Warns Of Compromised Sites

  Tags:  google warns search  

• December 08, 2010
• 0:00

  Vuln: phpMyAdmin Database Search Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  phpMyAdmin Database Search Cross Site Scripting Vulnerability

  Tags:  phpmyadmin database search cross-site-scripting database-search vulnerability  

• October 22, 2010
• 8:00

  1000W search light – now build a bat signal

   » ‎ Hack a Day
  Forget flashlights, and leave those burning lasers at home, [Ben Krasnow] built a search light using a 1000W xenon arc lamp. That box you see on the side of the trash-can housing countains a starting circuit that shoots 30 kilovolts through the xenon lamp to get it started but it is separate from the power [...]

  Tags:  xenon lamp search ben-krasnow xenon-arc-lamp xenon-lamp bat-signal classic hacks  

• October 12, 2010
• 19:51

  Dorkmaster Search Engine Crawler

   » ‎ Packet Storm Security Tools
  Dorkmaster is a python script that crawls Google and Bing results looking for various pieces of software that has historically had vulnerabilities. This is useful for verifying that your company is in compliance with software run on a given site.

  Tags:  dorkmaster search Software bing python-script engine-crawler google  

• September 22, 2010
• 9:00

  Bugtraq: [ GLSA 201009-08 ] python-updater: Untrusted search path

   » ‎ SecurityFocus Vulnerabilities
  [ GLSA 201009-08 ] python-updater: Untrusted search path

  Tags:  untrusted glsa search search-path python  

• September 09, 2010
• 0:00

  Vuln: Apple Safari Search Path Arbitrary Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Apple Safari Search Path Arbitrary Code Execution Vulnerability

  Tags:  path arbitrary search apple-safari arbitrary-code-execution safari-search  

• September 05, 2010
• 5:26

  A-Blog v2.0 (sources/search.php) SQL Injection Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  A-Blog v2.0 (sources/search.php) SQL Injection Exploit

  Tags:  php a-blog search blog  

• August 18, 2010
• 12:37

  Webedition 6.0.0.8 (Search.php) Denial of Service

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Webedition 6.0.0.8 (Search.php) Denial of Service

  Tags:  webedition php search denial-of-service  

• August 17, 2010
• 4:56

  Apartmen Search Remote (phbypass) Insecure Cookie Handling

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Apartmen Search Remote (phbypass) Insecure Cookie Handling

  Tags:  apartmen remote search  

• July 22, 2010
• 0:00

  Vuln: phpMyFAQ Search Page Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  phpMyFAQ Search Page Cross Site Scripting Vulnerability

  Tags:  phpmyfaq page search cross-site-scripting vulnerability search-page  

• July 11, 2010
• 1:00

  Edgephp Government Search Engine PHP Script Multiple Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Edgephp Government Search Engine PHP Script Multiple Vulnerability

  Tags:  government search edgephp government-search-engine search-engine-php vulnerability  

• July 08, 2010
• 0:00

  Vuln: CruxCMS 'search.php' Cross-Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  CruxCMS 'search.php' Cross-Site Scripting Vulnerability

  Tags:  cruxcms php search vulnerability  

• July 06, 2010
• 21:03

  dic.pl.txt

   » ‎ Packet Storm Security Tools
  Download Indexed Cache is a proof of concept script that implements the Google SOAP Search API to retrieve content indexed within the Google Cache to support the Search Engine Reconnaissance section of the OWASP Testing Guide version 3.

  Tags:  google cache search google-cache proof-of-concept  

• 21:02

  dic.pl.txt

   » ‎ Packet Storm Security Recent Files
  Download Indexed Cache is a proof of concept script that implements the Google SOAP Search API to retrieve content indexed within the Google Cache to support the Search Engine Reconnaissance section of the OWASP Testing Guide version 3.

  Tags:  google cache search google-cache proof-of-concept  

• June 29, 2010
• 1:00

  PHP Bible Search Xss & SQL Injection Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  PHP Bible Search Xss & SQL Injection Vulnerabilities

  Tags:  php search bible bible-search  

• 0:00

  Vuln: PHP Bible Search 'bible.php' SQL Injection and Cross Site Scripting Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  PHP Bible Search 'bible.php' SQL Injection and Cross Site Scripting Vulnerabilities

  Tags:  php search bible search-bible sql-injection bible-search  

• June 22, 2010
• 1:00

  Job Search Engine Script SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Job Search Engine Script SQL Injection Vulnerability

  Tags:  engine search job search-engine-script script-sql job-search  

• 1:00

  Job Search SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Job Search SQL Injection Vulnerability

  Tags:  sql search job job-search vulnerability  

• 0:00

  Vuln: Job Search Engine 'show_search_result.php' SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Job Search Engine 'show_search_result.php' SQL Injection Vulnerability

  Tags:  engine search job job-search vulnerability search-result  

• June 21, 2010
• 10:00

  Bugtraq: XSS vulnerability in the search module of synType CMS

   » ‎ SecurityFocus Vulnerabilities
  XSS vulnerability in the search module of synType CMS

  Tags:  xss vulnerability search search-module  

• June 06, 2010
• 0:00

  Vuln: Joomla! 'com_searchlog' Component 'search' Parameter SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Joomla! 'com_searchlog' Component 'search' Parameter SQL Injection Vulnerability

  Tags:  search com searchlog component-search search-parameter vulnerability  

• 0:00

  Vuln: ReVou Search Field Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ReVou Search Field Cross Site Scripting Vulnerability

  Tags:  revou field search search-field cross-site-scripting vulnerability  

• May 31, 2010
• 0:00

  Vuln: Ghostscript './Encoding/' Search Path Local Privilege Escalation Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Ghostscript './Encoding/' Search Path Local Privilege Escalation Vulnerability

  Tags:  ghostscript encoding search privilege-escalation-vulnerability local-privilege-escalation search-path  

• May 28, 2010
• 0:00

  Vuln: Ghostscript './Encoding/' Search Path Local Privilege Escalation Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Ghostscript './Encoding/' Search Path Local Privilege Escalation Vulnerability

  Tags:  ghostscript encoding search privilege-escalation-vulnerability local-privilege-escalation search-path  

• May 27, 2010
• 0:00

  Vuln: Ghostscript './Encoding/' Search Path Local Privilege Escalation Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Ghostscript './Encoding/' Search Path Local Privilege Escalation Vulnerability

  Tags:  ghostscript encoding search privilege-escalation-vulnerability local-privilege-escalation search-path  

• May 26, 2010
• 0:00

  Vuln: Ghostscript './Encoding/' Search Path Local Privilege Escalation Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Ghostscript './Encoding/' Search Path Local Privilege Escalation Vulnerability

  Tags:  ghostscript encoding search privilege-escalation-vulnerability local-privilege-escalation search-path  

• May 22, 2010
• 1:00

  ECShop Search.php SQL Injection Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  ECShop Search.php SQL Injection Exploit

  Tags:  ecshop php search  

• May 06, 2010
• 1:00

  AV Arcade Search Field XSS/HTML Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  AV Arcade Search Field XSS/HTML Injection Vulnerability

  Tags:  arcade field search search-field vulnerability  

• April 28, 2010
• 1:00

  Ps News Portal (search.php) (XSS/URL Redirecting) Multiple Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Ps News Portal (search.php) (XSS/URL Redirecting) Multiple Vulnerability

  Tags:  news portal search portal-search vulnerability  

• April 20, 2010
• 0:41

  [Audio] Search And Seizure Explained - They Took My Laptop!

   » ‎ SecDocs
  Authors: Tyler Pitchford
  Tags: law privacy
  Event: DEFCON 17
  

  Tags:  audio search seizure tyler privacy-event search-and-seizure audio-search  

• 0:41

  [Slides] Search And Seizure Explained - They Took My Laptop!

   » ‎ SecDocs
  Authors: Tyler Pitchford
  Tags: law privacy
  Event: DEFCON 17
  

  Tags:  explained search seizure tyler privacy-event search-and-seizure pitchford  

• 0:41

  [Video] Search And Seizure Explained - They Took My Laptop!

   » ‎ SecDocs
  Authors: Tyler Pitchford
  Tags: law privacy
  Event: DEFCON 17
  

  Tags:  video search seizure tyler privacy-event search-and-seizure pitchford  

• April 05, 2010
• 1:00

  ASP Search 1.0 (Auth Bypass) Remote SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  ASP Search 1.0 (Auth Bypass) Remote SQL Injection Vulnerability

  Tags:  auth asp search sql-injection vulnerability  

• 0:00

  Vuln: ViewVC Regular Expression Search Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ViewVC Regular Expression Search Cross Site Scripting Vulnerability

  Tags:  expression viewvc search expression-search regular-expression cross-site-scripting  

• April 02, 2010
• 21:00

  bing-ip2hosts-0.2.tar.gz

   » ‎ Packet Storm Security Tools
  This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.

  Tags:  hosts search com bing search-parameter ip-search hostnames  

• March 31, 2010
• 10:00

  secunia-viewvc.txt

   » ‎ Packet Storm Security Recent Files
  Secunia Research has discovered a vulnerability in ViewVC, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the regular expression search functionality is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the regular expression search functionality is enabled (disabled by default).

  Tags:  user search expression expression-search search-functionality arbitrary-html  

• 10:00

  secunia-viewvc.txt

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered a vulnerability in ViewVC, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the regular expression search functionality is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the regular expression search functionality is enabled (disabled by default).

  Tags:  user search expression expression-search search-functionality arbitrary-html  

• 1:02

  Sophos lifts lid on hackers' 'sick' search engine attacks

   » ‎ Sophos security news
  Sophos publishes technical paper discussing Search Engine Optimisation attacks.

  Tags:  engine sophos search search-engine-optimisation hackers  

• 0:00

  Security Researchers Scrutinise Search Engine Poisonings

   » ‎ Packet Storm Security Headlines
  Security Researchers Scrutinise Search Engine Poisonings

  Tags:  researchers search scrutinise security-researchers search-engine  

• March 28, 2010
• 1:00

  68kb Knowledge Base Script v1.0.0rc2 Search SQL Injection

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  68kb Knowledge Base Script v1.0.0rc2 Search SQL Injection

  Tags:  sql search script knowledge-base script-v1  

• March 23, 2010
• 0:00

  Your Health, Tax, And Search Data Siphoned

   » ‎ Packet Storm Security Headlines
  Your Health, Tax, And Search Data Siphoned

  Tags:  health tax search health-tax search-data  

• March 13, 2010
• 12:00

  Apple Safari history search

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Apple Safari history search

  Tags:  search history apple-safari history-search  

• March 11, 2010
• 5:00

  mhproducts kleinanzeigenmarkt (search.php) SQL Injection

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  mhproducts kleinanzeigenmarkt (search.php) SQL Injection

  Tags:  kleinanzeigenmarkt php search  

• March 10, 2010
• 0:00

  google hacking search key... huge list

   » ‎ darkc0de
  google hacking search key... huge list

  Tags:  list search google hacking-search huge-list  

• March 09, 2010
• 12:00

  mhproducts kleinanzeigenmarkt (search.php) SQL Injection

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  mhproducts kleinanzeigenmarkt (search.php) SQL Injection

  Tags:  kleinanzeigenmarkt php search  

• March 02, 2010
• 4:46

  Etterfilter ne fonctionne pas avec search()

   » ‎ remote-exploit & backtrack
  Bonjour.
  J'ai un petit soucis avec etterfilter. quand je veux utiliser al fonction search(), il ne found rien.
  Par exemple. J'ai deux Vm's, un client et un serveur web, sur deux subnet différents (deux virtual interface) et mon pc entre les deux qui fait routeur.
  Voici un exemple de script qui ne fonctionne pas :
  Code: if (search(DATA.data, "<title>")){
      msg("! \n");
}
else{
      msg(". \n");
} Je lance ettercap comme cela :
  Code: ettercap -T -F ~/Filtre.ef -i vboxnet0 -q Alors que en regardant avec wireshark, j'ai bien des paquets contenant "<title>" qui circulent.
  Ca fait une semaine que je galère avec ça.
  J'ai déja demandé sur des chans irc (dont le backtrackfr), forums et amis...
  Rien.
  Si quelqu'un a une solution
  Merci d'avance
  
  Manu404

  Tags:  nbsp quot search manu virtual-interface serveur-web chans Espace debutant  

• February 03, 2010
• 0:00

  Vuln: Joomla! JEvents Search Plugin 'eventsearch.php' SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Joomla! JEvents Search Plugin 'eventsearch.php' SQL Injection Vulnerability

  Tags:  jevents search joomla search-plugin php-sql vulnerability