See the original post: [webapps / 0day] – Vanilla Forums 2.0.18.4 Tagging Stored XSS
>> AUTHOR: deepcore
Read the original: [webapps / 0day] – Zoph v0.9pre2 <= (XSRF/RFD/bSQLi) Multiple Vulnerabilities
More: [webapps / 0day] – Hexamail Server <= 4.4.5 Persistent XSS Vulnerability
Intercepter-NG [Console Edition] is a sniffer that offers various capabilities including sniffing for password hashes related to ORACLE/MYSQL/VNC/NNTP/CVS/WWW/HTTP/SOCKS/MRA/FTP/POP3/SMTP/IMAP/LDAP/AIM. It works on NT/Linux/BSD/IOS/Android and is optimized for screen size 80×30 or higher.
Continue Reading: [remote exploits] – GIMP script-fu Server Buffer Overflow (metasploit)
See original article: [webapps / 0day] – Membris v 2.0.1 Sql XSS & File Disclosure Vulnerabilities
http://talingchun.go.th/images/otop/haji.htm notified by Ashiyane Digital Security Team
http://www.wangkrod.go.th/images/otop/haji.htm notified by Ashiyane Digital Security Team
http://www.bankluai.go.th/images/otop/haji.htm notified by Ashiyane Digital Security Team
http://tubluang.go.th/images/otop/haji.htm notified by Ashiyane Digital Security Team