-
Product: inoerp
Download: https://github.com/inoerp/inoERP
Vunlerable Version: 0.5.1 and probably prior
Tested Version: 0.5.1
Author: ADLab of Venustech
Advisory Details:
Multiple Cross-Site S…
-
Product: mecha
Download: https://github.com/mecha-cms/mecha
Vunlerable Version: 1.2.8 and probably prior
Tested Version: 1.2.8
Author: ADLab of Venustech
Advisory Details:
Multiple Cross-Site …
-
Product: openeclass
Download: https://github.com/gunet/openeclass
Vunlerable Version: Release_3.5.4 and probably prior
Tested Version: Release_3.5.4
Author: ADLab of Venustech
Advisory Details:…
-
Keep getting this error when I start BeEF:
"API Fire Error: authentication failed in {:owner=>BeEF::Extension::Metasploit::API::MetasploitHooks, :id=>18}.post_soft_load()"
Here's a the boot with d…
-
Firefox 4 added a security feature where scripts can no longer get visited links color:
http://hacks.mozilla.org/2010/03/privacy-related-changes-coming-to-css-vistited/
"getComputedStyle (and simila…
-
i can hook other browser,like chrome, ie10, opera,
but only ie7 can't,
i try other xss tools to reture the website had xss, so it think the "hook.js" had some problem, how can i do to use iit h…
-
IE has some rather unfortunately content-type-sniffing behaviour that can be used to trigger XSS attacks via a JSON API, as described here:
http://blog.watchfire.com/wfblog/2011/10/json-based-xss-e…
-
root@blackghost:/usr/share/beef-xss# ./beef -x
[17:06:45][*] Bind socket [imapeudora1] listening on [0.0.0.0:2000].
[17:06:45][*] Browser Exploitation Framework (BeEF) 0.4.7.0-alpha
[17:06:45] |…
-
The autolinker plugin enables XSS on websites that uses Prism.js to highlight user-generated content.
For example, edit `plugins/autolinker/index.html` and put the following string in one of the co…
-
Hello.
BeEF is not working correctly over WAN for me. I'm using it with a VPN.
The VPN is working correctly, and canyouseeme tells me the port is open.
Also! Dubble clicking beef gives a crash, typin…