Abusing, Exploiting and Pwning with Firefox Add-ons
>> ARCHIVE: 2013-02
Abusing, Exploiting and Pwning with Firefox Add-ons
Rix4Web Portal – Blind SQL Injection Vulnerability
IPMap v2.5 iPad iPhone – Arbitrary File Upload
MTP Image Gallery 1.0 (edit_photos.php, title param) – XSS Vulnerability
MTP Guestbook 1.0 – Multiple XSS Vulnerabilities
MTP Poll 1.0 – Multiple XSS Vulnerabilities
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability
Glossword v1.8.8 – 1.8.12 Arbitrary File Upload Vulnerability
PolarPearCms PHP File Upload Vulnerability
WiFilet v1.2 iPad iPhone – Multiple Vulnerabilities