Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: June 16, 2025 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 55 Members: 0 Total: 55 Full disclosure SEC Consult SA-20250604-0 :: Local Privilege Escalation and Default Credentials in INDAMED - MEDICAL OFFICE (Medical practice management) Demo version Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft Defense in depth -- the Microsoft way (part 89): user grouppolicies don't deserve tamper protection CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0 ERPNext v15.53.1 Stored XSS in bio Field Allows Arbitrary Script Execution in Profile Page ERPNext v15.53.1 Stored XSS in user_image Field Allows Script Execution via Injected Image Path Local information disclosure in apport and systemd-coredump Stored XSS via File Upload - adaptcmsv3.0.3 IDOR "Change Password" Functionality - adaptcmsv3.0.3 Stored XSS "Send Message" Functionality - adaptcmsv3.0.3 Authenticated File Upload to RCE - adaptcmsv3.0.3 Stored XSS in "Description" Functionality - cubecartv6.5.9 Multiple Vulnerabilities in SAP GuiXT Scripting CVE-2024-47081: Netrc credential leak in PSF requests library Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2) IT Security and Insecurity Portal www.waraxe.us Forum Index Search found 6 matches XSS cookie stealer in youtube ! Forum:Cross-site scripting aka XSS Posted: Thu Jul 31, 2008 2:04 am Subject: XSS cookie stealer in youtube ! NEUR0BASHER Replies: 5 Views: 20580 I tried that on vBulletin® Version 3.7.x with enabled HTML the cookie included the USER ID and USER PASSWORD PWNED greetinx go to my pwnographic friends! vBulletin 3.6.8 Phishing Site Forum:vBulletin Board Posted: Fri Apr 11, 2008 4:17 am Subject: vBulletin 3.6.8 Phishing Site NEUR0BASHER Replies: 3 Views: 9338 vBulletin 3.6.8 Phishing Site As I have already explained [url=http://www.waraxe.us/ftopict-2482.html#10727]in the other thread it's not possible to fetch the password hash from the cookie. All I w ... [vBulletin] [Tutorial] Password logger Forum:vBulletin Board Posted: Wed Apr 09, 2008 12:12 am Subject: [vBulletin] [Tutorial] Password logger NEUR0BASHER Replies: 52 Views: 145873 nice script - if you can tell me how to gain access to an ftp server I could even check it out;-) vbulletin 3.6.8 exploit Forum:vBulletin Board Posted: Tue Apr 08, 2008 6:13 pm Subject: vbulletin 3.6.8 exploit NEUR0BASHER Replies: 11 Views: 69299 it isn't getting bbsessionhash. It's only getting bblastvisit and bblastactivity. Also it looks like you need have the html page on the same domain as the forum, or it won't accept it as it's not on t ... XSS cookie stealer in youtube ! Forum:Cross-site scripting aka XSS Posted: Sat Apr 05, 2008 1:50 pm Subject: XSS cookie stealer in youtube ! NEUR0BASHER Replies: 5 Views: 20580 This is a simple but effective XSS link hidden in a youtube embedding code. When the user hovers the video with the mouse all cookie data, referrer url, ip address and browser agent info will be sent ... vbulletin 3.6.8 exploit Forum:vBulletin Board Posted: Sat Apr 05, 2008 9:03 am Subject: vbulletin 3.6.8 exploit NEUR0BASHER Replies: 11 Views: 69299 Hi! vBulletin 3.6.8 XSRF/XSS Vulnerability vBulletin Version: 3.6.8 Patch Level x and possible lower As administrators can use html in the usertitle an attacker can update the profile of an adm ... Page 1 of 1 All times are GMT Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB © 2001-2008 phpBB Group

PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.039 Seconds