jetlib.sec » Tags » url

Feeds

133445 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

97 items tagged "url"

Related tags: wordpress [+], com [+], wptouch [+], urls [+], spoof [+], firefox [+], shortener [+], open [+], based buffer overflow [+], sop [+], short [+], open url [+], inclusion [+], cross site scripting [+], bugtraq [+], zynga [+], xss [+], windows versions [+], windows [+], vulnerabilities [+], tugux [+], spoofing [+], script version [+], script [+], safari for windows [+], safari [+], request parameters [+], qtweb [+], python script [+], pseudo [+], plesk [+], parallels [+], orbit downloader [+], orbit [+], obfuscation [+], myst [+], mybb [+], java [+], internet browser version [+], information leakage [+], gentle [+], forgery [+], dword [+], downloader [+], code execution [+], cms [+], bug [+], buffer overflow vulnerability [+], buffer [+], blogsite [+], authentication server [+], attacker [+], ascii string [+], arcot [+], vulnerability [+], vmware [+], validation checks [+], url parameter [+], uri redirection [+], squid [+], redirect [+], quicktime [+], phpmyadmin [+], parameter [+], overflow [+], linux security [+], html [+], google [+], gnu wget [+], filtering [+], filename [+], domino web [+], dokuwiki [+], destination filename [+], day [+], cubecart [+], apple quicktime [+], zero day [+], zdi [+], webaccess [+], web [+], vmdirect [+], view [+], url url [+], url scanner [+], url forwarding [+], url data [+], txt [+], trend micro [+], trend [+], system [+], stack buffer [+], sqlmap [+], sql [+], spammers [+], site url [+], site [+], short url [+], shibboleth [+], shellexecute [+], server [+], scanner [+], safer use [+], removal tool [+], redirecting [+], read [+], public url [+], preview thumbnail [+], post [+], piwik [+], php [+], novell iprint [+], novell [+], netcat [+], ms internet [+], mozilla [+], microsoft windows system [+], microsoft windows [+], microsoft [+], micro [+], messenger [+], memory addresses [+], manager version [+], malformed url [+], major flaw [+], local [+], link manager [+], link [+], lineacms [+], kconsulting [+], joomla [+], iprint [+], internet explorer versions [+], internet [+], installation [+], injection [+], hunter [+], hijacking [+], handling [+], form [+], failure [+], facebook [+], f king [+], extractor [+], external server [+], explorer [+], exploits [+], evuln [+], download [+], denial of service [+], decode [+], cross [+], buffer overflow condition [+], buffer overflow [+], authentication credentials [+], arbitrary code execution [+], apple quicktime player [+], apple [+], activex control [+], Public [+], Fixes [+], ExploitsVulnerabilities [+], url redirection [+], redirection [+]

• May 06, 2012
• 14:00

  [local exploits] - URL Hunter 3.1.2.1 stack buffer overflow

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [local exploits] - URL Hunter 3.1.2.1 stack buffer overflow

  Tags:  url hunter buffer stack-buffer buffer-overflow exploits  

• April 23, 2012
• 9:00

  Bugtraq: Re: Squid URL Filtering Bypass

   » ‎ SecurityFocus Vulnerabilities
  Re: Squid URL Filtering Bypass

  Tags:  url squid filtering  

• April 19, 2012
• 11:01

  Bugtraq: Re: Squid URL Filtering Bypass

   » ‎ SecurityFocus Vulnerabilities
  Re: Squid URL Filtering Bypass

  Tags:  url squid filtering  

• March 27, 2012
• 19:43

  Safari For Windows 5.1.5 URL window.open() Spoof

   » ‎ Packet Storm Security Exploits
  Safari for Windows versions 5.1.5 and below URL window.open() spoofing exploit.

  Tags:  url safari windows safari-for-windows windows-versions spoof  

• 19:43

  Safari For Windows 5.1.5 URL window.open() Spoof

   » ‎ Packet Storm Security Recent Files
  Safari for Windows versions 5.1.5 and below URL window.open() spoofing exploit.

  Tags:  url safari windows safari-for-windows windows-versions spoof  

• 19:43

  Safari For Windows 5.1.5 URL window.open() Spoof

   » ‎ Packet Storm Security Misc. Files
  Safari for Windows versions 5.1.5 and below URL window.open() spoofing exploit.

  Tags:  url safari windows safari-for-windows windows-versions spoof  

• February 23, 2012
• 22:11

  Orbit Downloader URL Unicode Conversion Overflow

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a stack-based buffer overflow in Orbit Downloader. The vulnerability is due to Orbit converting an URL ascii string to unicode in a insecure way with MultiByteToWideChar. The vulnerability is exploited with a specially crafted metalink file that should be opened with Orbit through the "File->Add Metalink..." option.

  Tags:  url downloader orbit based-buffer-overflow ascii-string orbit-downloader  

• 22:11

  Orbit Downloader URL Unicode Conversion Overflow

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a stack-based buffer overflow in Orbit Downloader. The vulnerability is due to Orbit converting an URL ascii string to unicode in a insecure way with MultiByteToWideChar. The vulnerability is exploited with a specially crafted metalink file that should be opened with Orbit through the "File->Add Metalink..." option.

  Tags:  url downloader orbit based-buffer-overflow ascii-string orbit-downloader  

• 22:11

  Orbit Downloader URL Unicode Conversion Overflow

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a stack-based buffer overflow in Orbit Downloader. The vulnerability is due to Orbit converting an URL ascii string to unicode in a insecure way with MultiByteToWideChar. The vulnerability is exploited with a specially crafted metalink file that should be opened with Orbit through the "File->Add Metalink..." option.

  Tags:  url downloader orbit based-buffer-overflow ascii-string orbit-downloader  

• February 20, 2012
• 9:02

  Bugtraq: CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated]

   » ‎ SecurityFocus Vulnerabilities
  CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated]

  Tags:  url cubecart open open-url bugtraq  

• February 10, 2012
• 12:00

  Bugtraq: CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability

  Tags:  url cubecart open bugtraq vulnerability  

• February 03, 2012
• 0:00

  Vuln: C6 Messenger Installation URL Downloader ActiveX Control Arbitrary File Download Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  C6 Messenger Installation URL Downloader ActiveX Control Arbitrary File Download Vulnerability

  Tags:  installation messenger url activex-control vulnerability  

• December 23, 2011
• 15:29

  Apple Quicktime Empty URL Data Handler Code Execution Vulnerability

   » ‎ SecuriTeam
  This vulnerability allows remote attackers to potentially disclose memory addresses on vulnerable installations of Apple QuickTime Player.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  url vulnerability quicktime apple-quicktime apple-quicktime-player code-execution memory-addresses  

• November 06, 2011
• 15:22

  Zynga Open URL Redirect

   » ‎ Packet Storm Security Exploits
  Zynga suffers from an open URL redirection vulnerability in Farmville.

  Tags:  url zynga open url-redirection vulnerability  

• 15:22

  Zynga Open URL Redirect

   » ‎ Packet Storm Security Recent Files
  Zynga suffers from an open URL redirection vulnerability in Farmville.

  Tags:  url zynga open url-redirection vulnerability  

• 15:22

  Zynga Open URL Redirect

   » ‎ Packet Storm Security Misc. Files
  Zynga suffers from an open URL redirection vulnerability in Farmville.

  Tags:  url zynga open url-redirection vulnerability  

• October 28, 2011
• 13:00

  Bugtraq: ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability

  Tags:  url apple quicktime code-execution apple-quicktime url-data  

• October 25, 2011
• 17:41

  Spammers Using Public URL Shortening Service To Evade Detection

   » ‎ Packet Storm Security Headlines
  Spammers Using Public URL Shortening Service To Evade Detection

  Tags:  Public url spammers public-url  

• October 10, 2011
• 8:28

  New Research Shows Facebook’s URL Scanner Is Vulnerable To Cloaking

   » ‎ Darknet
  Oh look, Facebook security (or insecurity) is in the news again – not that this technique is anything revolutionary or ground-breaking. It’s basically a HTTP referer detection system for the Facebook URL scanner (the thing that generates the preview/thumbnail etc for links posted to Facebook). By detecting it, you can feed it something...
  
  Read the full post at darknet.org.uk

  
  

  

  Tags:  url facebook scanner read url-scanner preview-thumbnail ExploitsVulnerabilities  

• 0:00

  Vuln: Dokuwiki 'url' HTML Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Dokuwiki 'url' HTML Injection Vulnerability

  Tags:  url html dokuwiki vulnerability  

• October 07, 2011
• 10:14

  URL Shortener Script 1.0 SQL Injection

   » ‎ Packet Storm Security Exploits
  URL Shortener Script version 1.0 suffers from a remote SQL injection vulnerability.

  Tags:  shortener url script script-version vulnerability  

• 10:14

  URL Shortener Script 1.0 SQL Injection

   » ‎ Packet Storm Security Recent Files
  URL Shortener Script version 1.0 suffers from a remote SQL injection vulnerability.

  Tags:  shortener url script script-version vulnerability  

• 10:14

  URL Shortener Script 1.0 SQL Injection

   » ‎ Packet Storm Security Misc. Files
  URL Shortener Script version 1.0 suffers from a remote SQL injection vulnerability.

  Tags:  shortener url script script-version vulnerability  

• October 06, 2011
• 21:00

  [webapps / 0day] - URL Shortener Script 1.0 SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - URL Shortener Script 1.0 SQL Injection Vulnerability

  Tags:  shortener url day vulnerability  

• 14:00

  [webapps / 0day] - URL Shortener Script 1.0 SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - URL Shortener Script 1.0 SQL Injection Vulnerability

  Tags:  shortener url day vulnerability  

• October 03, 2011
• 3:11

  QtWeb 3.7.3 URL Spoof

   » ‎ Packet Storm Security Exploits
  QtWeb Internet Browser version 3.7.3 suffers from a URL spoofing vulnerability that can allow for phishing attacks.

  Tags:  spoof url qtweb internet-browser-version spoofing  

• 3:11

  QtWeb 3.7.3 URL Spoof

   » ‎ Packet Storm Security Recent Files
  QtWeb Internet Browser version 3.7.3 suffers from a URL spoofing vulnerability that can allow for phishing attacks.

  Tags:  spoof url qtweb internet-browser-version spoofing  

• 3:11

  QtWeb 3.7.3 URL Spoof

   » ‎ Packet Storm Security Misc. Files
  QtWeb Internet Browser version 3.7.3 suffers from a URL spoofing vulnerability that can allow for phishing attacks.

  Tags:  spoof url qtweb internet-browser-version spoofing  

• September 03, 2011
• 8:00

  Gentle Short URL Script Stored Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Gentle Short URL script suffers from a cross site scripting vulnerability.

  Tags:  url short gentle vulnerability  

• 8:00

  Gentle Short URL Script Stored Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Gentle Short URL script suffers from a cross site scripting vulnerability.

  Tags:  url short gentle vulnerability  

• 8:00

  Gentle Short URL Script Stored Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Gentle Short URL script suffers from a cross site scripting vulnerability.

  Tags:  url short gentle vulnerability  

• August 11, 2011
• 22:10

  dword2url Malware Obfuscation

   » ‎ Packet Storm Security Recent Files
  dword2url is a python script for creating obfuscation in URLs for malware.

  Tags:  url dword obfuscation python-script urls  

• 22:10

  dword2url Malware Obfuscation

   » ‎ Packet Storm Security Tools
  dword2url is a python script for creating obfuscation in URLs for malware.

  Tags:  url dword obfuscation python-script urls  

• 22:10

  dword2url Malware Obfuscation

   » ‎ Packet Storm Security Misc. Files
  dword2url is a python script for creating obfuscation in URLs for malware.

  Tags:  url dword obfuscation python-script urls  

• July 24, 2011
• 19:21

  WordPress WPtouch 1.9.32 URL Redirect

   » ‎ Packet Storm Security Exploits
  WordPress WPtouch plugin version 1.9.32 suffers from a URL redirection vulnerability.

  Tags:  url wptouch wordpress url-redirection vulnerability  

• 19:21

  WordPress WPtouch 1.9.32 URL Redirect

   » ‎ Packet Storm Security Recent Files
  WordPress WPtouch plugin version 1.9.32 suffers from a URL redirection vulnerability.

  Tags:  url wptouch wordpress url-redirection vulnerability  

• 19:21

  WordPress WPtouch 1.9.32 URL Redirect

   » ‎ Packet Storm Security Misc. Files
  WordPress WPtouch plugin version 1.9.32 suffers from a URL redirection vulnerability.

  Tags:  url wptouch wordpress url-redirection vulnerability  

• July 21, 2011
• 6:56

  Google Fixes Major Flaw In URL Removal Tool

   » ‎ Packet Storm Security Headlines
  Google Fixes Major Flaw In URL Removal Tool

  Tags:  url google Fixes major-flaw removal-tool  

• July 16, 2011
• 8:35

  MyST BlogSite URL Redirect / Information Leakage

   » ‎ Packet Storm Security Exploits
  MyST BlogSite suffers from arbitrary URL redirection and information leakage vulnerabilities.

  Tags:  url blogsite myst information-leakage url-redirection  

• 8:35

  MyST BlogSite URL Redirect / Information Leakage

   » ‎ Packet Storm Security Recent Files
  MyST BlogSite suffers from arbitrary URL redirection and information leakage vulnerabilities.

  Tags:  url blogsite myst information-leakage url-redirection  

• 8:35

  MyST BlogSite URL Redirect / Information Leakage

   » ‎ Packet Storm Security Misc. Files
  MyST BlogSite suffers from arbitrary URL redirection and information leakage vulnerabilities.

  Tags:  url blogsite myst information-leakage url-redirection  

• July 06, 2011
• 0:00

  Vuln: Dokuwiki 'url' HTML Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Dokuwiki 'url' HTML Injection Vulnerability

  Tags:  url html dokuwiki vulnerability  

• June 20, 2011
• 15:02

  WordPress WPTouch 1.9.27 URL Redirection

   » ‎ Packet Storm Security Exploits
  WordPress WPtouch plugin version 1.9.27 suffers from a URL redirection vulnerability.

  Tags:  url wptouch wordpress vulnerability url-redirection  

• 15:02

  WordPress WPTouch 1.9.27 URL Redirection

   » ‎ Packet Storm Security Recent Files
  WordPress WPtouch plugin version 1.9.27 suffers from a URL redirection vulnerability.

  Tags:  url wptouch wordpress vulnerability url-redirection  

• 15:02

  WordPress WPTouch 1.9.27 URL Redirection

   » ‎ Packet Storm Security Misc. Files
  WordPress WPtouch plugin version 1.9.27 suffers from a URL redirection vulnerability.

  Tags:  url wptouch wordpress vulnerability url-redirection  

• June 07, 2011
• 10:00

  Bugtraq: ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability

  Tags:  novell url iprint novell-iprint code-execution bugtraq  

• June 06, 2011
• 0:00

  Vuln: phpMyAdmin 'url' Parameter URI Redirection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  phpMyAdmin 'url' Parameter URI Redirection Vulnerability

  Tags:  url parameter phpmyadmin uri-redirection url-parameter vulnerability  

• May 24, 2011
• 0:00

  Vuln: phpMyAdmin 'url' Parameter URI Redirection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  phpMyAdmin 'url' Parameter URI Redirection Vulnerability

  Tags:  url parameter phpmyadmin uri-redirection url-parameter vulnerability  

• May 22, 2011
• 8:13

  Tugux CMS 1.2 XSS / LFI / SQL Injection / URL Redirection

   » ‎ Packet Storm Security Exploits
  Tugux CMS version 1.2 suffers from cross site scripting, local file inclusion, url redirection, and remote SQL injection vulnerabilities.

  Tags:  url tugux cms redirection inclusion  

• 8:13

  Tugux CMS 1.2 XSS / LFI / SQL Injection / URL Redirection

   » ‎ Packet Storm Security Recent Files
  Tugux CMS version 1.2 suffers from cross site scripting, local file inclusion, url redirection, and remote SQL injection vulnerabilities.

  Tags:  url tugux cms redirection inclusion  

• 8:13

  Tugux CMS 1.2 XSS / LFI / SQL Injection / URL Redirection

   » ‎ Packet Storm Security Misc. Files
  Tugux CMS version 1.2 suffers from cross site scripting, local file inclusion, url redirection, and remote SQL injection vulnerabilities.

  Tags:  url tugux cms redirection inclusion  

• May 01, 2011
• 12:22

  Hi5.com XSS / XSRF / URL Redirection / Lack Of Encryption

   » ‎ Packet Storm Security Exploits
  Hi5.com suffers from cross site request forgery, cross site scripting, url redirection, and lack of encryption vulnerabilities.

  Tags:  url com redirection cross-site-scripting forgery vulnerabilities  

• 12:22

  Hi5.com XSS / XSRF / URL Redirection / Lack Of Encryption

   » ‎ Packet Storm Security Recent Files
  Hi5.com suffers from cross site request forgery, cross site scripting, url redirection, and lack of encryption vulnerabilities.

  Tags:  url com redirection cross-site-scripting forgery vulnerabilities  

• 12:22

  Hi5.com XSS / XSRF / URL Redirection / Lack Of Encryption

   » ‎ Packet Storm Security Misc. Files
  Hi5.com suffers from cross site request forgery, cross site scripting, url redirection, and lack of encryption vulnerabilities.

  Tags:  url com redirection cross-site-scripting forgery vulnerabilities  

• 4:11

  MyBB 1.6.3 XSS / URL Redirection

   » ‎ Packet Storm Security Advisories
  MyBB version 1.6.3 suffers from url redirection and cross site scripting vulnerabilities.

  Tags:  url mybb redirection url-redirection  

• 4:11

  MyBB 1.6.3 XSS / URL Redirection

   » ‎ Packet Storm Security Recent Files
  MyBB version 1.6.3 suffers from url redirection and cross site scripting vulnerabilities.

  Tags:  url mybb redirection url-redirection  

• 4:11

  MyBB 1.6.3 XSS / URL Redirection

   » ‎ Packet Storm Security Misc. Files
  MyBB version 1.6.3 suffers from url redirection and cross site scripting vulnerabilities.

  Tags:  url mybb redirection url-redirection  

• April 27, 2011
• 11:22

  CA Arcot WebFort Versatile Authentication Server XSS / URL Redirection

   » ‎ Packet Storm Security Advisories
  CA Technologies support is alerting customers to multiple security risks with CA Arcot WebFort Versatile Authentication Server. Two vulnerabilities exist that can allow a remote attacker to potentially compromise web user security. The first set of vulnerabilities occur due to insufficient handling of request parameters sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can potentially conduct cross-site scripting attacks. The second vulnerability occurs due to insufficient filtering of a request parameter sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can use redirection to potentially carry out additional web based attacks.

  Tags:  url attacker arcot authentication-server request-parameters  

• 11:22

  CA Arcot WebFort Versatile Authentication Server XSS / URL Redirection

   » ‎ Packet Storm Security Recent Files
  CA Technologies support is alerting customers to multiple security risks with CA Arcot WebFort Versatile Authentication Server. Two vulnerabilities exist that can allow a remote attacker to potentially compromise web user security. The first set of vulnerabilities occur due to insufficient handling of request parameters sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can potentially conduct cross-site scripting attacks. The second vulnerability occurs due to insufficient filtering of a request parameter sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can use redirection to potentially carry out additional web based attacks.

  Tags:  url attacker arcot authentication-server request-parameters  

• 11:22

  CA Arcot WebFort Versatile Authentication Server XSS / URL Redirection

   » ‎ Packet Storm Security Misc. Files
  CA Technologies support is alerting customers to multiple security risks with CA Arcot WebFort Versatile Authentication Server. Two vulnerabilities exist that can allow a remote attacker to potentially compromise web user security. The first set of vulnerabilities occur due to insufficient handling of request parameters sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can potentially conduct cross-site scripting attacks. The second vulnerability occurs due to insufficient filtering of a request parameter sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can use redirection to potentially carry out additional web based attacks.

  Tags:  url attacker arcot authentication-server request-parameters  

• April 25, 2011
• 8:45

  Java.com URL Redirect

   » ‎ Packet Storm Security Exploits
  Java.com suffered from an arbitrary URL redirect vulnerability.

  Tags:  java url com vulnerability  

• 8:45

  Java.com URL Redirect

   » ‎ Packet Storm Security Recent Files
  Java.com suffered from an arbitrary URL redirect vulnerability.

  Tags:  java url com vulnerability  

• 8:45

  Java.com URL Redirect

   » ‎ Packet Storm Security Misc. Files
  Java.com suffered from an arbitrary URL redirect vulnerability.

  Tags:  java url com vulnerability  

• March 25, 2011
• 10:48

  Parallels Plesk 8.2 URL Redirection

   » ‎ Packet Storm Security Exploits
  Parallels Plesk versions 7.0 through 8.2 suffer from an open URL redirection vulnerability.

  Tags:  url plesk parallels url-redirection open-url  

• 10:48

  Parallels Plesk 8.2 URL Redirection

   » ‎ Packet Storm Security Recent Files
  Parallels Plesk versions 7.0 through 8.2 suffer from an open URL redirection vulnerability.

  Tags:  url plesk parallels url-redirection open-url  

• 10:48

  Parallels Plesk 8.2 URL Redirection

   » ‎ Packet Storm Security Misc. Files
  Parallels Plesk versions 7.0 through 8.2 suffer from an open URL redirection vulnerability.

  Tags:  url plesk parallels url-redirection open-url  

• March 21, 2011
• 5:29

  sqlmap with POST requests

   » ‎ Carnal0wnage
  Notes for sqlmap and POST requests since every f**king tutorial only covers GETs
  
  options you'll want to use
  
  -u URL, --url=URL
  --method=METHOD
  --data=DATA
  -p TESTPARAMETER
  --prefix=PREFIX
  --postfix=POSTFIX
  --dbms=DBMS
  
  *--dbms= if sqlmap is sucking
  
  we'll assume we have a simple post request
  
  
  user@ubuntu:~/pentest/sqlmap-dev$ python sqlmap.py -u "http://192.168.1.100/fancyshmancy/login.aspx" --method POST --data "usernameTxt=blah&passwordTxt=blah&submitBtn=Log+On" -p "usernameTxt" --prefix="')" --dbms=mssql -v 2
  
  --method to pass the POST option
  
  --data to pass the paramaters that are required for the POST
  
  -p to pass the injectable field, so in this case the username field (usernameTxt)
  
  --prefix to pass what needs to be passed before we can inject. we had to issue a tick ( ' ) and right parenthesis ( ) ) to close out the query
  
  --dbms to tell it the backend was mssql
  
  this yields us an sqlmap query like so:
  
  Place: POST
  Parameter: usernameTxt
  Type: stacked queries
  Title: Microsoft SQL Server/Sybase stacked queries
  Payload: usernameTxt=blah'); WAITFOR DELAY '0:0:5';-- AND ('yTwo'='yTwo&passwordTxt=blah&submitBtn=Log+On
  ---

  Tags:  url sqlmap post f-king url-url sql injection  

• December 09, 2010
• 12:00

  Bugtraq: Firefox 3.6.13 pseudo-URL SOP check bug (CVE-2010-3774)

   » ‎ SecurityFocus Vulnerabilities
  Firefox 3.6.13 pseudo-URL SOP check bug (CVE-2010-3774)

  Tags:  url sop firefox bugtraq  

• 9:12

  Firefox 3.6.13 pseudo-URL SOP Check Bug

   » ‎ Packet Storm Security Advisories
  Firefox version 3.6.13 fixes an interesting bug in their same-origin policy logic for pseudo-URLs that do not have any inherent origin associated with them.

  Tags:  url bug firefox sop pseudo urls  

• 9:12

  Firefox 3.6.13 pseudo-URL SOP Check Bug

   » ‎ Packet Storm Security Recent Files
  Firefox version 3.6.13 fixes an interesting bug in their same-origin policy logic for pseudo-URLs that do not have any inherent origin associated with them.

  Tags:  url bug firefox sop pseudo urls  

• 9:12

  Firefox 3.6.13 pseudo-URL SOP Check Bug

   » ‎ Packet Storm Security Misc. Files
  Firefox version 3.6.13 fixes an interesting bug in their same-origin policy logic for pseudo-URLs that do not have any inherent origin associated with them.

  Tags:  url bug firefox sop pseudo urls  

• November 26, 2010
• 9:00

  Bugtraq: [eVuln.com] URL XSS in Easy Banner Free

   » ‎ SecurityFocus Vulnerabilities
  [eVuln.com] URL XSS in Easy Banner Free

  Tags:  url evuln com xss  

• September 02, 2010
• 22:01

  MDVSA-2010-170.txt

   » ‎ Packet Storm Security Recent Files
  Mandriva Linux Security Advisory 2010-170 - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a.wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

  Tags:  url redirect filename gnu-wget destination-filename linux-security  

• 22:01

  MDVSA-2010-170.txt

   » ‎ Packet Storm Security Advisories
  Mandriva Linux Security Advisory 2010-170 - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a.wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

  Tags:  url redirect filename gnu-wget destination-filename linux-security  

• August 24, 2010
• 6:41

  Joomla 1.5 URL Redirecting Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Joomla 1.5 URL Redirecting Vulnerability

  Tags:  url redirecting joomla vulnerability  

• July 26, 2010
• 0:00

  Vuln: Shibboleth Redirection URL HTML Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Shibboleth Redirection URL HTML Injection Vulnerability

  Tags:  shibboleth url redirection vulnerability  

• July 14, 2010
• 19:02

  IS-2010-006.txt

   » ‎ Packet Storm Security Advisories
  A buffer overflow condition can be triggered on the D-Link DAP-1160 by setting URL filtering for an overly long URL, leading to possible arbitrary code execution or denial of service. Successful authentication is required in order to exploit the vulnerability, but attackers can leverage other vulnerabilities for achieving unauthenticated remote exploitation.

  Tags:  txt url buffer-overflow-condition arbitrary-code-execution denial-of-service  

• June 28, 2010
• 1:00

  lineaCMS (XSS/URL Redirecting) Multiple Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  lineaCMS (XSS/URL Redirecting) Multiple Vulnerability

  Tags:  xss url lineacms vulnerability  

• June 26, 2010
• 1:00

  Kconsulting (XSS/URL Redirecting) Multiple Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Kconsulting (XSS/URL Redirecting) Multiple Vulnerability

  Tags:  xss url kconsulting vulnerability  

• May 27, 2010
• 10:00

  Bugtraq: Cross Site URL Hijacking by using Error Object in Mozilla Firefox

   » ‎ SecurityFocus Vulnerabilities
  Cross Site URL Hijacking by using Error Object in Mozilla Firefox

  Tags:  url cross site hijacking site-url firefox  

• May 17, 2010
• 0:00

  Vuln: VMware View URL Processing Cross-site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  VMware View URL Processing Cross-site Scripting Vulnerability

  Tags:  vmware url view vulnerability  

• May 08, 2010
• 1:00

  PHP Link Manager Version 1.7 Url Redirection Bug

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  PHP Link Manager Version 1.7 Url Redirection Bug

  Tags:  php url link manager-version link-manager  

• May 06, 2010
• 0:00

  Vuln: Piwik 'form_url' Parameter Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Piwik 'form_url' Parameter Cross Site Scripting Vulnerability

  Tags:  url piwik form cross-site-scripting vulnerability  

• April 09, 2010
• 22:01

  Microsoft Windows URL Handling Vulnerability

   » ‎ SecuriTeam
  A flaw exists with the handling of malformed URL's passed through the ShellExeute() API.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  url microsoft handling malformed-url safer-use microsoft-windows  

• April 01, 2010
• 0:00

  Vuln: VMware WebAccess URL Forwarding Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  VMware WebAccess URL Forwarding Vulnerability

  Tags:  vmware url webaccess vulnerability url-forwarding  

• March 31, 2010
• 21:00

  TWSL2010-002.txt

   » ‎ Packet Storm Security Advisories
  The Struts-based web application uses the server-side session sattribute context_vmdirect to store various settings, including the URL to the XML web service backend. By default, the URL is http://localhost/sdk, but the web service URL can be manually set from a client browser in several locations. If wsUrl is changed to point at an external server, all SOAP calls for that session are sent to the specified server. This includes plaintext authentication credentials. An attacker could exploit this by tricking a user into following a link to /ui/vmDirect.do, with an attacker-controlled server passed in the view parameter.

  Tags:  url server web authentication-credentials vmdirect external-server  

• March 16, 2010
• 13:00

  Short URL v1.01 - Local File Inclusion Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Short URL v1.01 - Local File Inclusion Vulnerability

  Tags:  url short local short-url vulnerability inclusion  

• March 02, 2010
• 19:00

  03.02.10-1.txt

   » ‎ Packet Storm Security Recent Files
  iDefense Security Advisory 03.02.10 - Remote exploitation of a stack-based buffer overflow vulnerability in IBM Corp.'s Lotus Domino Web Access ActiveX control could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerable function takes an attacker-controlled URL, and copies it into a fixed-size stack buffer. No validation checks are performed on the length of the URL. By passing in a long URL string, it is possible to trigger a stack-based buffer overflow, resulting in the execution of arbitrary code.

  Tags:  url overflow buffer domino-web buffer-overflow-vulnerability based-buffer-overflow validation-checks  

• 19:00

  03.02.10-1.txt

   » ‎ Packet Storm Security Advisories
  iDefense Security Advisory 03.02.10 - Remote exploitation of a stack-based buffer overflow vulnerability in IBM Corp.'s Lotus Domino Web Access ActiveX control could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerable function takes an attacker-controlled URL, and copies it into a fixed-size stack buffer. No validation checks are performed on the length of the URL. By passing in a long URL string, it is possible to trigger a stack-based buffer overflow, resulting in the execution of arbitrary code.

  Tags:  url overflow buffer domino-web buffer-overflow-vulnerability based-buffer-overflow validation-checks  

• February 27, 2010
• 11:04

  I need a netcat url to download

   » ‎ darkc0de
  I need a netcat url to download

  Tags:  url download netcat  

• February 24, 2010
• 7:00

  Mozilla Firefox v3.6 URL Spoofing Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Mozilla Firefox v3.6 URL Spoofing Vulnerability

  Tags:  url mozilla firefox vulnerability  

• February 14, 2010
• 17:00

  WordPress >= 2.9 Failure to Restrict URL Access

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  WordPress >= 2.9 Failure to Restrict URL Access

  Tags:  url failure wordpress  

• February 12, 2010
• 4:00

  Decode URL rewriting

   » ‎ darkc0de
  Decode URL rewriting

  Tags:  url decode  

• February 11, 2010
• 10:00

  MS Internet Explorer versions 7 and 8 url validation vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  MS Internet Explorer versions 7 and 8 url validation vulnerability

  Tags:  url internet explorer internet-explorer-versions ms-internet vulnerability  

• February 09, 2010
• 17:00

  ZDI-10-016.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-016 - This vulnerability allows remote attackers to force a Microsoft Windows system to execute a given local executable. User interaction is required in that the target must access a malicious URL. The specific flaw exists within the ShellExecute API. Using a specially formatted URL an attacker can bypass sanitization checks within this function and force the calling application into running an executable of their choice. Successful exploitation requires a useful binary to exist in a predictable location on the remote system.

  Tags:  url zdi system microsoft-windows-system shellexecute zero-day  

• February 05, 2010
• 3:00

  google 2 file , url extractor

   » ‎ darkc0de
  google 2 file , url extractor

  Tags:  url extractor google  

• February 04, 2010
• 0:00

  Vuln: Trend Micro URL Filtering Engine Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Trend Micro URL Filtering Engine Buffer Overflow Vulnerability

  Tags:  trend url micro buffer-overflow-vulnerability trend-micro