«
Expand/Collapse
179 items tagged "scripting"
Related tags:
multiple [+],
cms [+],
frams [+],
file exchange [+],
winn guestbook [+],
ruby on rails [+],
ruby [+],
nmap [+],
fyodor tags [+],
david fifield [+],
code execution [+],
vulnerability detection [+],
usa [+],
python [+],
openoffice [+],
open proxies [+],
nse experience [+],
nse [+],
fyodor [+],
engine [+],
winn [+],
wells fargo [+],
various [+],
solarwinds [+],
singapore version [+],
singapore [+],
sea [+],
photo station [+],
philip abbey cross [+],
philip abbey [+],
pandora fms [+],
pandora [+],
orion solarwinds [+],
orion [+],
origin [+],
mura cms [+],
mura [+],
mountain internet [+],
mountain [+],
maxthon [+],
mailguard [+],
maia mailguard [+],
maia [+],
internet [+],
horde [+],
hero framework [+],
hero [+],
grady levkov [+],
framework version [+],
forgery [+],
fms [+],
ebay [+],
domino sametime [+],
domino [+],
cross application [+],
com [+],
citizens bank [+],
c market [+],
bank wells [+],
b communication [+],
avant browser [+],
avant [+],
ariadne [+],
apprain [+],
alpha cross [+],
alpha [+],
whitepaper [+],
website [+],
twsl [+],
pdf [+],
messenger version [+],
lan messenger [+],
kerwin cross [+],
kerwin [+],
kerweb [+],
insertion [+],
guestbook v2 [+],
firefox [+],
eleanor cms [+],
eleanor [+],
desktop version [+],
central desktop [+],
apple cross [+],
apple [+],
cross site scripting [+],
wordpress [+],
waf [+],
vulnerability assessment [+],
vuln [+],
vertrigoserv [+],
utm [+],
temenos t24 [+],
temenos [+],
stephen [+],
sqlitemanager [+],
simpleinvoices [+],
simplegroupware [+],
server path [+],
serendipity [+],
security assessment [+],
sap [+],
saltos [+],
saints row [+],
piwik [+],
phpcas [+],
openx [+],
network node manager [+],
network [+],
nagios [+],
microsoft [+],
matt flick tags [+],
mastering [+],
manager i [+],
library software [+],
koha [+],
kayako [+],
jeff yestrumskas [+],
interwebs [+],
internet explorer 8 [+],
information disclosure [+],
icinga [+],
hp network [+],
hacks [+],
fusion [+],
fortigate [+],
flick [+],
fifield [+],
dotdefender [+],
curiosity [+],
cube [+],
cross site [+],
covert channel [+],
context [+],
content management system [+],
comntrnam [+],
com whitepaper [+],
cmsimple [+],
chart generator [+],
cfnetwork [+],
bugzilla [+],
blog [+],
babylon [+],
authenticated [+],
application [+],
appliances [+],
apple safari [+],
apache axis2 [+],
android [+],
a form [+],
3d cube [+],
site [+],
vulnerabilities [+],
cross [+],
xss [+],
bugtraq [+],
vulnerability [+]
-
-
16:00
»
SecuriTeam
SimpleInvoices 2011.1 is prone to a Cross-Site-Scripting (XSS) Vulnerabilities
-
-
15:55
»
Packet Storm Security Advisories
Maxthon and Avant browsers suffer from various flaws such as same origin policy bypass, cross context scripting, and various other vulnerabilities.
-
15:55
»
Packet Storm Security Recent Files
Maxthon and Avant browsers suffer from various flaws such as same origin policy bypass, cross context scripting, and various other vulnerabilities.
-
15:55
»
Packet Storm Security Misc. Files
Maxthon and Avant browsers suffer from various flaws such as same origin policy bypass, cross context scripting, and various other vulnerabilities.
-
-
11:01
»
Hack a Day
There’s a silly little Android game making some noise on the Interwebs. It’s called Curiosity which is a 3D cube with something inside. The thing is, every single pixel on the cube must be clicked in order to get through a layer. There are of course multiple layers, and… well, you get the point. [Stephen] [...]
-
-
17:00
»
SecuriTeam
There are multiple vulnerabilities in OpenX, which can be exploited to perform Cross-Site Scripting (XSS) and SQL Injection attacks.
-
7:41
»
Packet Storm Security Exploits
Hero Framework version 3.69 suffers form a reflected cross site scripting vulnerability when malicious input is passed to the month variable.
-
-
0:32
»
SecDocs
Authors:
David Fifield Fyodor Tags:
vulnerability assessment scanning Event:
Black Hat USA 2010 Abstract: Most security practitioners can use Nmap for simple port scanning and OS detection, but the Nmap Scripting Engine (NSE) takes scanning to a whole new level. Nmap's high-speed networking engine can now spider web sites for SQL injection vulnerabilities, brute-force crack and query MSRPC services, find open proxies, and more. Nmap includes more than 125 NSE scripts for network discovery, vulnerability detection, exploitation, and authentication cracking. Rather than give a dry overview of NSE, Fyodor and Nmap co-maintainer David Fifield demonstrate practical solutions to common problems. They have scanned millions of hosts with NSE and will discuss vulnerabilities found on enterprise networks and how Nmap can be used to quickly detect those problems on your own systems. Then they demonstrate how easy it is to write custom NSE scripts to meet the needs of your network. Finally they take a quick look at recent Nmap developments and provide a preview of what is soon to come. This presentation does not require any NSE experience, but it wouldn't hurt to read nmap.org/book/nse.html.
-
0:23
»
SecDocs
Authors:
David Fifield Fyodor Tags:
vulnerability assessment scanning Event:
Black Hat USA 2010 Abstract: Most security practitioners can use Nmap for simple port scanning and OS detection, but the Nmap Scripting Engine (NSE) takes scanning to a whole new level. Nmap's high-speed networking engine can now spider web sites for SQL injection vulnerabilities, brute-force crack and query MSRPC services, find open proxies, and more. Nmap includes more than 125 NSE scripts for network discovery, vulnerability detection, exploitation, and authentication cracking. Rather than give a dry overview of NSE, Fyodor and Nmap co-maintainer David Fifield demonstrate practical solutions to common problems. They have scanned millions of hosts with NSE and will discuss vulnerabilities found on enterprise networks and how Nmap can be used to quickly detect those problems on your own systems. Then they demonstrate how easy it is to write custom NSE scripts to meet the needs of your network. Finally they take a quick look at recent Nmap developments and provide a preview of what is soon to come. This presentation does not require any NSE experience, but it wouldn't hurt to read nmap.org/book/nse.html.
-
0:22
»
SecDocs
Authors:
David Fifield Fyodor Tags:
vulnerability assessment scanning Event:
Black Hat USA 2010 Abstract: Most security practitioners can use Nmap for simple port scanning and OS detection, but the Nmap Scripting Engine (NSE) takes scanning to a whole new level. Nmap's high-speed networking engine can now spider web sites for SQL injection vulnerabilities, brute-force crack and query MSRPC services, find open proxies, and more. Nmap includes more than 125 NSE scripts for network discovery, vulnerability detection, exploitation, and authentication cracking. Rather than give a dry overview of NSE, Fyodor and Nmap co-maintainer David Fifield demonstrate practical solutions to common problems. They have scanned millions of hosts with NSE and will discuss vulnerabilities found on enterprise networks and how Nmap can be used to quickly detect those problems on your own systems. Then they demonstrate how easy it is to write custom NSE scripts to meet the needs of your network. Finally they take a quick look at recent Nmap developments and provide a preview of what is soon to come. This presentation does not require any NSE experience, but it wouldn't hurt to read nmap.org/book/nse.html.
-
0:21
»
SecDocs
Authors:
David Fifield Fyodor Tags:
vulnerability assessment scanning Event:
Black Hat USA 2010 Abstract: Most security practitioners can use Nmap for simple port scanning and OS detection, but the Nmap Scripting Engine (NSE) takes scanning to a whole new level. Nmap's high-speed networking engine can now spider web sites for SQL injection vulnerabilities, brute-force crack and query MSRPC services, find open proxies, and more. Nmap includes more than 125 NSE scripts for network discovery, vulnerability detection, exploitation, and authentication cracking. Rather than give a dry overview of NSE, Fyodor and Nmap co-maintainer David Fifield demonstrate practical solutions to common problems. They have scanned millions of hosts with NSE and will discuss vulnerabilities found on enterprise networks and how Nmap can be used to quickly detect those problems on your own systems. Then they demonstrate how easy it is to write custom NSE scripts to meet the needs of your network. Finally they take a quick look at recent Nmap developments and provide a preview of what is soon to come. This presentation does not require any NSE experience, but it wouldn't hurt to read nmap.org/book/nse.html.
-
-
6:38
»
Packet Storm Security Exploits
appRain versions 0.1.3 and 0.1.4-Alpha for both the Quick Start and Core editions suffer from multiple cross site scripting vulnerabilities.