Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: August 30, 2025 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 76 Members: 0 Total: 76 Full disclosure Multi-Protocol Traceroute SEC Consult SA-20250728-0 :: Stored Cross-Site-Scripting in Optimizely Episerver CMS SEC Consult SA-20250807-0 :: Race Condition in Shopware Voucher Submission Insufficient Resource Allocation Limits in nopCommerce v4.10 and v4.80.3 Excel Import Functionality CSV Injection in nopcommerce v4.10 and 4.80.3 Insufficient Session Cookie Invalidation in nopCommerce v4.10and 4.80.3 Session Fixation Vulnerability in iDempiere WebUI v12.0.0.202508171158 CSV Injection in iDempiere WebUI 12.0.0.202508171158 liblcf v0.8.1 liblcf/lcf2xml: Untrusted LCF data triggers uncaught std::length_error via negative vector resize (DoS) liblcf v0.8.1 Integer Overflow in liblcf `ReadInt()` Leads to Out-of-Bounds Reads and Denial of Service Piciorgros TMO-100: Unauthorized configuration change via TFTP (CVE-2025-29617) Piciorgros TMO-100: Unauthorized log data access [tool] CRSprober iOS 18.6 - Undocumented TCC Access to Multiple Privacy Domainsvia preflight=yes Kigen eUICC issue (custom backdoor vs. FW update bug) IT Security and Insecurity Portal www.waraxe.us Forum Index Search found 6 matches XSS cookie stealer in youtube ! Forum:Cross-site scripting aka XSS Posted: Thu Jul 31, 2008 2:04 am Subject: XSS cookie stealer in youtube ! NEUR0BASHER Replies: 5 Views: 20894 I tried that on vBulletin® Version 3.7.x with enabled HTML the cookie included the USER ID and USER PASSWORD PWNED greetinx go to my pwnographic friends! vBulletin 3.6.8 Phishing Site Forum:vBulletin Board Posted: Fri Apr 11, 2008 4:17 am Subject: vBulletin 3.6.8 Phishing Site NEUR0BASHER Replies: 3 Views: 9520 vBulletin 3.6.8 Phishing Site As I have already explained [url=http://www.waraxe.us/ftopict-2482.html#10727]in the other thread it's not possible to fetch the password hash from the cookie. All I w ... [vBulletin] [Tutorial] Password logger Forum:vBulletin Board Posted: Wed Apr 09, 2008 12:12 am Subject: [vBulletin] [Tutorial] Password logger NEUR0BASHER Replies: 52 Views: 147752 nice script - if you can tell me how to gain access to an ftp server I could even check it out;-) vbulletin 3.6.8 exploit Forum:vBulletin Board Posted: Tue Apr 08, 2008 6:13 pm Subject: vbulletin 3.6.8 exploit NEUR0BASHER Replies: 11 Views: 69807 it isn't getting bbsessionhash. It's only getting bblastvisit and bblastactivity. Also it looks like you need have the html page on the same domain as the forum, or it won't accept it as it's not on t ... XSS cookie stealer in youtube ! Forum:Cross-site scripting aka XSS Posted: Sat Apr 05, 2008 1:50 pm Subject: XSS cookie stealer in youtube ! NEUR0BASHER Replies: 5 Views: 20894 This is a simple but effective XSS link hidden in a youtube embedding code. When the user hovers the video with the mouse all cookie data, referrer url, ip address and browser agent info will be sent ... vbulletin 3.6.8 exploit Forum:vBulletin Board Posted: Sat Apr 05, 2008 9:03 am Subject: vbulletin 3.6.8 exploit NEUR0BASHER Replies: 11 Views: 69807 Hi! vBulletin 3.6.8 XSRF/XSS Vulnerability vBulletin Version: 3.6.8 Patch Level x and possible lower As administrators can use html in the usertitle an attacker can update the profile of an adm ... Page 1 of 1 All times are GMT Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB © 2001-2008 phpBB Group

PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.028 Seconds