Information Security News and Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Sunbyte eFlower Script SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==================================================
Sunbyte eFlower Script SQL Injection Vulnerability
==================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>DMXReady Online Notebook Manager SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>============================================================
DMXReady Online Notebook Manager SQL Injection Vulnerability
============================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>iScripts SocialWare 2.2.x Arbitrary File Upload Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=============================================================
iScripts SocialWare 2.2.x Arbitrary File Upload Vulnerability
=============================================================
Name iScripts SocialWare
Vendor [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Docmint =&gt; 2.1 XSS|HTML|URL Injection/Redirecting Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================================
Docmint =&gt; 2.1 XSS|HTML|URL Injection/Redirecting Vulnerability
===============================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Mp3 Digitalbox 2.7.2.0 (.mp3) Local Stack Overflow PoC</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>======================================================
Mp3 Digitalbox 2.7.2.0 (.mp3) Local Stack Overflow PoC
======================================================
#!/usr/bin/perl
# Mp3 Digitalbox 2.7.2.0 (.mp3) Local Stack Overflow POC
# Author : v3n0m
# Site : http://yogyacarderlink.web.id/
# [...]

Facebook is updating its policies to explicitly allow a handful of third-party search engines to crawl public content.
Before, Facebook banned robots, spiders, scrapers or harvesting bots from automatically collecting data across the social networkâ??s pages, unless their creators had written permission. This raised the criticism that the social network was trying to have it both [...]

We’re really super excited about the release of this issue as it coincides with our first ever HITB security conference in Europe – HITBSecConf2010 – Amsterdam!
The design team has come up with (what we feel) is an even better and more refined layout and our magazine now has its own site! You’ll [...]