- Discovered by : Inferno
=============================================
I. TITLE
-------------------------
Hijacking Safari 4 Top Sites with Phish Bombs
II. VULNERABLE
-------------------------
Safari 4 all versions < 4.0.3
Platforms affected - Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
-
- Homepage: WwW.0x90.CoM.Ar
-
- Contact : Guns[at]0x90[dot]com[dot]ar
-
- Product : Php Nuke add-on MS TopSites
-
- Website : http://phpnuke.org/
-
- Download: http://www.weblord.it/downloads/nuke65/addons/MS_TopSites_ITA.zip
-
Here are the vulnerability descriptions and PoCs:
#################################
I write to report three vulnerabilities that I found in the last version
of Aardvark Topsites PHP (5.2.1) and older versions.
The cause of all of them is the incorrect verification of input parameters.
Here are the vulnerabilities: