SecuObs.com

SecuObs.com http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com DLL injection by modifying an executable file2009-07-03 21:57:52 - Megapanzer : This is a newer document from 2009 that explains DLL injection Insteadof using the often used Windows hooking method to inject a DLL into arunning process in this example the author modifies the binary itselfand loads the DLL when starting the executable file Download it herehttp://www.secuobs.com/revue/news/116837.shtmlhttp://www.secuobs.com/revue/news/116837.shtml phion airlock Web Application Firewall : Injection de Commande2009-07-03 21:06:29 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans phion airlock Web ApplicationFirewall, qui pourrait être exploitée par des personnesmalintentionnées afin de compromettre un système vulnérablehttp://www.secuobs.com/revue/news/116821.shtmlhttp://www.secuobs.com/revue/news/116821.shtml Securinfos : phion airlock Web Application Firewall : Injection de Commande2009-07-03 19:25:45 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/116770.shtmlhttp://www.secuobs.com/revue/news/116770.shtml Securinfos : Opial : Vulnérabilités d'Injection SQL2009-07-03 19:25:45 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/116767.shtmlhttp://www.secuobs.com/revue/news/116767.shtml Opial : Vulnérabilités d'Injection SQL2009-07-03 16:29:57 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans Opial, qui pourraientêtre exploitées par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/116750.shtmlhttp://www.secuobs.com/revue/news/116750.shtml Securinfos : Rentventory product : Vulnérabilité d'Injection SQL2009-07-03 14:49:22 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/116721.shtmlhttp://www.secuobs.com/revue/news/116721.shtml Rentventory product : Vulnérabilité d'Injection SQL2009-07-03 12:01:31 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Rentventory, qui pourrait êtreexploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/116682.shtmlhttp://www.secuobs.com/revue/news/116682.shtml Opial 10 albumid Remote SQL Injection Vulnerability2009-07-03 02:36:44 - milw0rm.com : http://www.secuobs.com/revue/news/116544.shtmlhttp://www.secuobs.com/revue/news/116544.shtml Rentventory Multiple Remote SQL Injection Vulnerabilities2009-07-03 02:36:44 - milw0rm.com : http://www.secuobs.com/revue/news/116543.shtmlhttp://www.secuobs.com/revue/news/116543.shtml Almnzm 20 Remote Blind SQL Injection Exploit2009-07-02 22:19:35 - milw0rm.com : http://www.secuobs.com/revue/news/116451.shtmlhttp://www.secuobs.com/revue/news/116451.shtml conpresso 348 detailphp Remote Blind SQL Injection Vuln2009-07-02 22:19:35 - milw0rm.com : http://www.secuobs.com/revue/news/116450.shtmlhttp://www.secuobs.com/revue/news/116450.shtml Opial 10 Auth Bypass Remote SQL Injection Vulnerability2009-07-02 22:19:35 - milw0rm.com : http://www.secuobs.com/revue/news/116449.shtmlhttp://www.secuobs.com/revue/news/116449.shtml Brainbenchcom Assessment Engine JavaScript Injection Vulnerability2009-07-02 06:10:33 - sudosecure.net : First off let me say that writing this post was a very difficult decisionfor me to make, as I normally try to work with vendors, companies, andorganizations to fix issues like this one I am about to disclosewithout ever really disclosing them to the public, but in this case itjust never http://www.secuobs.com/revue/news/116180.shtmlhttp://www.secuobs.com/revue/news/116180.shtml Sql injection on coldfusion2009-07-02 04:03:04 - BadwareBusters.org Most recent topics : A indexcfm and imagecfm file was injected on our website running oncoldfusion, windows server 2003, and IIS 60 The virus or scriptadded scripts on Applicationcfm’s files, js files and html filesThe script was added at the last line of each fileThe script looked like this: anddocumentwriteln“”http://chanm3322org/flash/flashswf“”After removing this scripts from each file, it rewrites by itself andpopulates itself to other filesAny advice, suggestions, comments or solutions would be appreciatedthank youhttp://www.secuobs.com/revue/news/116084.shtmlhttp://www.secuobs.com/revue/news/116084.shtml Securinfos : Simple Machines Forum Member Awards Mod : Vulnérabilité d'Injection SQL2009-07-01 19:11:53 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/115880.shtmlhttp://www.secuobs.com/revue/news/115880.shtml Simple Machines Forum Member Awards Mod : Vulnérabilité d'Injection SQL2009-07-01 16:20:59 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : eLwaux a découvert une vulnérabilité dans le Member Awards mod pourSimple Machines Forum, qui pourrait être exploitée par des personnesmalintentionnées pour conduire des attaques SQLhttp://www.secuobs.com/revue/news/115848.shtmlhttp://www.secuobs.com/revue/news/115848.shtml Securinfos : NEWSolved : Vulnérabilités d'Injection SQL2009-07-01 04:19:35 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/115629.shtmlhttp://www.secuobs.com/revue/news/115629.shtml Securinfos : Joomla BookFlip Component book_id : Vulnérabilité d'Injection SQL2009-07-01 04:19:35 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/115628.shtmlhttp://www.secuobs.com/revue/news/115628.shtml Securinfos : GalleryPal FE Login Page : Vulnérabilité d'Injection SQL2009-07-01 04:19:35 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/115626.shtmlhttp://www.secuobs.com/revue/news/115626.shtml Securinfos : SitePal : Cross-Site Scripting et Injection SQL2009-07-01 04:19:35 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/115625.shtmlhttp://www.secuobs.com/revue/news/115625.shtml osTicket Identification Administrateur : Vulnérabilité d'Injection SQL2009-07-01 01:35:02 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans osTicket, qui pourrait êtreexploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/115575.shtmlhttp://www.secuobs.com/revue/news/115575.shtml NEWSolved : Vulnérabilités d'Injection SQL2009-07-01 01:35:02 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : lama a découvert quelques vulnérabilités dans NEWSolved, qui pourraientêtre exploitées par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/115571.shtmlhttp://www.secuobs.com/revue/news/115571.shtml Joomla BookFlip Component book_id : Vulnérabilité d'Injection SQL2009-07-01 01:35:02 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : boom3rang a rapporté une vulnérabilité dans le composant BookFlip pourJoomla, qui pourrait être exploitée par des personnes malintentionnéespour conduire des attaques SQLhttp://www.secuobs.com/revue/news/115569.shtmlhttp://www.secuobs.com/revue/news/115569.shtml GalleryPal FE Login Page : Vulnérabilité d'Injection SQL2009-07-01 01:35:02 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans GalleryPal FE, qui pourrait êtreexploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/115564.shtmlhttp://www.secuobs.com/revue/news/115564.shtml SitePal : Cross-Site Scripting et Injection SQL2009-07-01 01:35:02 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans SitePal, qui pourraientêtre exploitées par des personnes malintentionnées pour conduire desattaques cross-site scripting et des attaques par injection SQLhttp://www.secuobs.com/revue/news/115563.shtmlhttp://www.secuobs.com/revue/news/115563.shtml PunBB Extension Vote For Us = 101 Blind SQL Injection Exploit2009-07-01 01:19:01 - milw0rm.com : http://www.secuobs.com/revue/news/115543.shtmlhttp://www.secuobs.com/revue/news/115543.shtml Securinfos : osTicket Identification Administrateur : Vulnérabilité d'Injection SQL2009-07-01 00:06:52 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/115488.shtmlhttp://www.secuobs.com/revue/news/115488.shtml PunBB Affiliation Module : Vulnérabilités d'Injection SQL2009-06-30 21:35:25 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans le module Affiliationpour PunBB, qui pourraient être exploitées par des personnesmalintentionnées pour conduire des attaques SQLhttp://www.secuobs.com/revue/news/115462.shtmlhttp://www.secuobs.com/revue/news/115462.shtml PunBB Vote For Us Module : Vulnérabilités d'Injection SQL2009-06-30 21:35:25 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans le module Vote For Uspour PunBB, qui pourraient être exploitées par des personnesmalintentionnées pour conduire des attaques SQLhttp://www.secuobs.com/revue/news/115461.shtmlhttp://www.secuobs.com/revue/news/115461.shtml SMF Mod Member Awards 102 Blind SQL Injection Exploit2009-06-30 21:15:14 - milw0rm.com : http://www.secuobs.com/revue/news/115444.shtmlhttp://www.secuobs.com/revue/news/115444.shtml WordPress Plugin Related Sites 21 Blind SQL Injection Vulnerability2009-06-30 21:15:14 - milw0rm.com : http://www.secuobs.com/revue/news/115440.shtmlhttp://www.secuobs.com/revue/news/115440.shtml PunBB Affiliates Mod = 11 Remote Blind SQL Injection Exploit2009-06-30 21:15:14 - milw0rm.com : http://www.secuobs.com/revue/news/115439.shtmlhttp://www.secuobs.com/revue/news/115439.shtml MDPro Module CWGuestBook = 21 Remote SQL Injection Vulnerability2009-06-30 21:15:14 - milw0rm.com : http://www.secuobs.com/revue/news/115438.shtmlhttp://www.secuobs.com/revue/news/115438.shtml SQL Injection Demo on a Live Site by ToeTag Video Tutorial2009-06-30 20:35:04 - SecurityTube.Net : SQL Injection Demo on a Live Site by ToeTag Video TutorialIMAGEhttp://www.secuobs.com/revue/news/115380.shtmlhttp://www.secuobs.com/revue/news/115380.shtml Securinfos : PunBB Affiliation Module : Vulnérabilités d'Injection SQL2009-06-30 19:56:15 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/115356.shtmlhttp://www.secuobs.com/revue/news/115356.shtml Securinfos : PunBB Vote For Us Module : Vulnérabilités d'Injection SQL2009-06-30 19:56:15 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/115354.shtmlhttp://www.secuobs.com/revue/news/115354.shtml Almnzm COOKIE: customer Remote SQL Injection Vulnerability2009-06-30 00:10:05 - milw0rm.com : http://www.secuobs.com/revue/news/115021.shtmlhttp://www.secuobs.com/revue/news/115021.shtml Joomla com_bookflip book_id Remote SQL Injection Vulnerability2009-06-30 00:10:05 - milw0rm.com : http://www.secuobs.com/revue/news/115016.shtmlhttp://www.secuobs.com/revue/news/115016.shtml Newsolved 116 login grabber Multiple SQL Injection Exploit2009-06-30 00:10:05 - milw0rm.com : http://www.secuobs.com/revue/news/115014.shtmlhttp://www.secuobs.com/revue/news/115014.shtml Messages Library 20 catphp CatID SQL Injection Vulnerability2009-06-29 19:47:43 - milw0rm.com : http://www.secuobs.com/revue/news/114927.shtmlhttp://www.secuobs.com/revue/news/114927.shtml Joomla Component com_php id Blind SQL Injection Vulnerability2009-06-29 19:47:43 - milw0rm.com : http://www.secuobs.com/revue/news/114926.shtmlhttp://www.secuobs.com/revue/news/114926.shtml Joomla Component com_K2 = 101b category SQL Injection Vuln2009-06-29 19:47:43 - milw0rm.com : http://www.secuobs.com/revue/news/114924.shtmlhttp://www.secuobs.com/revue/news/114924.shtml osTicket 16 RC4 Admin Login Blind SQL Injection Vulnerability2009-06-29 19:47:43 - milw0rm.com : http://www.secuobs.com/revue/news/114922.shtmlhttp://www.secuobs.com/revue/news/114922.shtml New Paper Reflective Dll Injection2009-06-28 14:27:26 - Harmony Security Blog : http://www.secuobs.com/revue/news/114581.shtmlhttp://www.secuobs.com/revue/news/114581.shtml PHP-Address Book 40x Multiple SQL Injection Vulnerabilities2009-06-26 22:56:51 - milw0rm.com : http://www.secuobs.com/revue/news/114263.shtmlhttp://www.secuobs.com/revue/news/114263.shtml ForumPal FE 11 Auth Bypass Remote SQL Injection Vulnerability2009-06-26 22:56:51 - milw0rm.com : http://www.secuobs.com/revue/news/114262.shtmlhttp://www.secuobs.com/revue/news/114262.shtml Securinfos : TekBase All-in-One y : Vulnérabilité d'Injection SQL2009-06-26 14:04:49 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/114026.shtmlhttp://www.secuobs.com/revue/news/114026.shtml Joomla Component com_pinboard task SQL Injection Exploit2009-06-25 22:28:41 - milw0rm.com : http://www.secuobs.com/revue/news/113803.shtmlhttp://www.secuobs.com/revue/news/113803.shtml AlumniServer 101 Auth Bypass SQL Injection Vulnerability2009-06-25 22:28:41 - milw0rm.com : http://www.secuobs.com/revue/news/113801.shtmlhttp://www.secuobs.com/revue/news/113801.shtml AlumniServer 101 resetpwemail Blind SQL Injection Exploit2009-06-25 22:28:41 - milw0rm.com : http://www.secuobs.com/revue/news/113800.shtmlhttp://www.secuobs.com/revue/news/113800.shtml MD-Pro 1083x Survey Module pollID Blind SQL Injection Vulnerability2009-06-25 22:28:41 - milw0rm.com : http://www.secuobs.com/revue/news/113799.shtmlhttp://www.secuobs.com/revue/news/113799.shtml Joomla – Sql Injection Scanner tool2009-06-25 15:01:15 - PenTestIT : Joomla web application security tool to perform Sql Injections JoomlaSql Injection ScannerScanner is a python script which need to runlocaly output file will be generated and can be viewed localy It ismore effectly as you need not install anything and results can easlybe verified localy nice tool for in house security testers Or webhttp://www.secuobs.com/revue/news/113636.shtmlhttp://www.secuobs.com/revue/news/113636.shtml bpmtk: Injecting VBScript Didier Stevens2009-06-25 13:35:43 - Security Bloggers Network : Here’s a new trick: injecting VBScript in a process I’ve developed a DLLthat will create a COM instance of the VBScripting engine and let itexecute a VBScript Injecting this DLL in a running program results inexecution of the VBScript in the context of the running programHere’s an example where I wrote http://www.secuobs.com/revue/news/113585.shtmlhttp://www.secuobs.com/revue/news/113585.shtml bpmtk: Injecting VBScript2009-06-25 12:55:51 - Didier Stevens : Here’s a new trick: injecting VBScript in a process I’ve developed a DLLthat will create a COM instance of the VBScripting engine and let itexecute a VBScript Injecting this DLL in a running program results inexecution of the VBScript in the context of the running programHere’s an example where I wrote http://www.secuobs.com/revue/news/113574.shtmlhttp://www.secuobs.com/revue/news/113574.shtml E4X and a Firefox XML injection bug2009-06-25 06:37:18 - Security : Up-front credit to my colleagues Filipe Almeida and Michal Zalewski wholed the way in E4X security researchIf you haven't heard of E4X, or don't know why Firefox's E4X supportshould scare you, please consider reading this articleI've just released details for a recently fixed Firefox XML injectionbug It's one of those bugs that is in search of a good exploitationopportunity Currently, the known impact is negligible, but I'mthrowing it out in case anyone has better ideas than I do It feelslike the interaction of this bug and E4X should be fruitful butperhaps not:http://scarybeastsorg/security/CESA-2008-010htmlIMAGEhttp://www.secuobs.com/revue/news/113506.shtmlhttp://www.secuobs.com/revue/news/113506.shtml Joomla Component com_amocourse catid SQL Injection Vuln2009-06-25 00:57:49 - milw0rm.com : http://www.secuobs.com/revue/news/113366.shtmlhttp://www.secuobs.com/revue/news/113366.shtml 50 Ways to Inject Your SQL Funny Parody Video Tutorial2009-06-23 20:00:28 - SecurityTube.Net : 50 Ways to Inject Your SQL Funny Parody Video TutorialIMAGEhttp://www.secuobs.com/revue/news/112767.shtmlhttp://www.secuobs.com/revue/news/112767.shtml Securinfos : Softbiz Banner Ad Management Script size_id : Injection SQL2009-06-23 19:33:02 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/112750.shtmlhttp://www.secuobs.com/revue/news/112750.shtml Securinfos : MyBB birthdayprivacy : Vulnérabilité d'Injection SQL2009-06-23 19:33:02 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/112746.shtmlhttp://www.secuobs.com/revue/news/112746.shtml Securinfos : Nagios statuswmlcgi : Injection de Commande2009-06-23 19:33:02 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/112742.shtmlhttp://www.secuobs.com/revue/news/112742.shtml Softbiz Banner Ad Management Script size_id : Injection SQL2009-06-23 16:55:13 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Softbiz Banner Ad ManagementScript, qui pourrait être exploitée par des personnes malintentionnéespour conduire des attaques SQLhttp://www.secuobs.com/revue/news/112702.shtmlhttp://www.secuobs.com/revue/news/112702.shtml Details of the Nine-Ball Mass Injection Attack2009-06-23 12:56:54 - Threatpost Feed : From Websense Security LabsEarly last week, we posted an alert about a mass injection attack inthe wild we named Nine-Ball This attack compromised over 40,000legitimate Web sites in an ongoing campaign The scale of the attackwas spotted June 2, 2009, and since then the campaign has evolvedseveral times In this blog we will provide further detail andanalysis on the Nine-Ball campaign Read the full post Websensecomhttp://www.secuobs.com/revue/news/112641.shtmlhttp://www.secuobs.com/revue/news/112641.shtml MyBB birthdayprivacy : Vulnérabilité d'Injection SQL2009-06-23 12:54:15 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans MyBB, qui pourrait être exploitéepar des utilisateurs malicieux pour conduire des attaques SQLhttp://www.secuobs.com/revue/news/112639.shtmlhttp://www.secuobs.com/revue/news/112639.shtml Nagios statuswmlcgi : Injection de Commande2009-06-23 12:54:15 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Nagios, qui pourrait êtreexploitée par des utilisateurs malicieux pour potentiellementcompromettre un système vulnérablehttp://www.secuobs.com/revue/news/112637.shtmlhttp://www.secuobs.com/revue/news/112637.shtml Nine-Ball Mass Injection - Details2009-06-23 00:10:28 - Latest Blog Entires From WebSense Security Labs : Early last week, we posted an alert about a mass injection attack in thewild we named Nine-Ball This attack compromised over 40,000legitimate Web sites in an ongoing campaign The scale of the attackwas spotted June 2, 2009, and since then the campaign has evolvedseveral times In this blog we will provide further detail andanalysis on the Nine-Ball campaignhttp://www.secuobs.com/revue/news/112431.shtmlhttp://www.secuobs.com/revue/news/112431.shtml Joomla Component com_tickets = 21 id SQL Injection Vuln2009-06-22 23:58:46 - milw0rm.com : http://www.secuobs.com/revue/news/112421.shtmlhttp://www.secuobs.com/revue/news/112421.shtml RS-CMS 21 key Remote SQL Injection Vulnerability2009-06-22 23:58:46 - milw0rm.com : http://www.secuobs.com/revue/news/112420.shtmlhttp://www.secuobs.com/revue/news/112420.shtml phpDatingClub 37 Remote SQL/XSS Injection Vulnerabilities 2009-06-22 19:56:45 - milw0rm.com : http://www.secuobs.com/revue/news/112332.shtmlhttp://www.secuobs.com/revue/news/112332.shtml pmaPWN - phpMyAdmin Code Injection RCE Scanner Exploit2009-06-22 19:56:45 - milw0rm.com : http://www.secuobs.com/revue/news/112330.shtmlhttp://www.secuobs.com/revue/news/112330.shtml Injector in my webstes2009-06-21 18:36:31 - BadwareBusters.org Most recent topics : i have couple of sites hosted with 1and1couk they were working f9from last few years just few month back my antivirus detected virus inthem i downloaded the sites cleaned them and reuploaded them againthe same problem started after 2-3 days now it became my dailyroutine to clean them with breakfastcan some 1 please advisethe sites are using asp technologyfew links aretekatworkcom files are deleted to prevent google from black listingbinsadiqinternationalcom19thfloorcomhealthykidscouksalmanhcombrevitpluscoukand many morehttp://www.secuobs.com/revue/news/112031.shtmlhttp://www.secuobs.com/revue/news/112031.shtml OWASP Top 5 and Mutillidae: Intro to common web vulnerabilities like Cross Site Scripting XSS, SQL/Command Injection Flaws, Malicious File Execution/RFI, Insecure Direct Object Reference and Cross S2009-06-20 06:56:52 - Irongeek's Security Site : Link:OWASP Top 5 and Mutillidae: Intro to common web vulnerabilities likeCross Site Scripting XSS, SQL/Command Injection Flaws, MaliciousFile Execution/RFI, Insecure Direct Object Reference and Cross SiteRequest Forgery CSRF/XSRFThis is a recording of the presentation I gave to the LouisvilleChapter of OWASP about the Mutillidae project A while back I wantedto start covering more web application pen-testing tools and conceptsin some of my videos and live classes Of course, I needed vulnerableweb apps to illustrate common web security problems I like theWebGoat project, but sometimes it's a little hard to figure outexactly what they want you to do to exploit a given web application,and it's written in J2EE not a layman friendly language In anattempt to have something simple to use as a demo in my videos and inclass, I started the Mutillidae project This is a video covering thefirst 5 of the OWASP Top 10IMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/111816.shtmlhttp://www.secuobs.com/revue/news/111816.shtml IOS HTTP Server Command Injection Vulnerability2009-06-20 00:41:50 - Cisco Security AdvisoriesSearch Cisco : A vulnerability exists in the IOS HTTP server in which HTML code insertedinto dynamically generated output, such as the output from a showbuffers command, will be passed to the browser requesting the pageThis HTML code could be interpreted by the client browser andpotentially execute malicious commands against the device or otherpossible cross-site scripting attacks Successful exploitation of thisvulnerability requires that a user browse a page containing dynamiccontent in which HTML commands have been injectedIMAGEhttp://www.secuobs.com/revue/news/111757.shtmlhttp://www.secuobs.com/revue/news/111757.shtml Pangolin – Automatic SQL Injection Tool2009-06-19 17:04:45 - bLackhammer.org : Pangolin is an automatic SQL injection penetration testing tool developedby NOSEC Its goal is to detect and take advantage of SQL injectionvulnerabilities on web applications Once it detects one or more SQLinjections on the target host, the user can choose among a variety ofoptions to perform an extensive back-end database management http://www.secuobs.com/revue/news/111573.shtmlhttp://www.secuobs.com/revue/news/111573.shtml Mass Injectors Still Burying the Needle2009-06-19 07:37:31 - eWeek Security Watch : The use of mass injection redirection campaigns like the Gumblar is onlyjust getting started, researchers contendIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/111467.shtmlhttp://www.secuobs.com/revue/news/111467.shtml 50 Ways to Inject Your SQL2009-06-19 00:11:20 - Bruno Kerouanton : Marc Olanié vient de m’envoyer le lien vers un clip super sympa… allez jevous en fais profiter, ainsi que des paroles plus bas qui sontcroustillantes Enjoy Auteur et source : Paco Hope I see yourinput’s not validated properly You have to check it at all tiers: 1, 2and 3 Give me a browser http://www.secuobs.com/revue/news/111348.shtmlhttp://www.secuobs.com/revue/news/111348.shtml Automatic Creation of SQL Injection and Cross-Site Scripting Attacks2009-06-18 18:59:30 - SecurityShell : AbstractThis paper presents a technique for finding security vulnerabilitiesin Web applications SQL Injection SQLI and cross-site scriptingXSS attacks are widespread forms of attack in which the attackercrafts the input to the application to access or modify user data andexecute malicious code In the most serious attacks calledsecond-order, or persistent, XSS, an attacker can corrupt a databaseso as to cause subsequent users to execute malicious codepresents an automatic technique for creating inputs that expose SQLIand XSS vulnerabilities The technique generates sample inputs,symbolically tracks taints through execution including throughdatabase accesses, and mutates the inputs to produce concreteexploits Ours is the first analysis of which we are aware thatprecisely addresses second-order XSS attacksOur technique creates real attack vectors, has few false positives,incurs no runtime overhead for the deployed application, works withoutrequiring modification of application code, and handles dynamicprogramming-language constructs We implemented the technique for PHP,in a tool Ardilla We evaluated Ardilla on five PHP applications andfound 68 previously unknown vulnerabilities 23 SQLI, 33 first-orderXSS, and 12 second-order XSSDownload: PDFIMAGEhttp://www.secuobs.com/revue/news/111259.shtmlhttp://www.secuobs.com/revue/news/111259.shtml How to check web applications for SQL injection vulnerabilities2009-06-18 18:24:35 - Security Bloggers Network : In a previous post, we linked to an article which gave an in-depthexplanation of SQL injection vulnerabilities, and what impact suchvulnerabilities can have on your web application Now, that you knowwhat they are and what their impact could be, how can you find out ifyour website is vulnerable to SQL injection http://www.secuobs.com/revue/news/111235.shtmlhttp://www.secuobs.com/revue/news/111235.shtml Securinfos : Fretsweb : Inclusion de Fichiers et Vulnérabilités d'Injection SQL2009-06-18 17:37:23 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/111205.shtmlhttp://www.secuobs.com/revue/news/111205.shtml CAE LMS : Injection SQL et Vulnérabilités Cross-Site Scripting2009-06-18 15:47:05 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans CAE LMS, qui pourraientêtre exploitées par des personnes malintentionnées pour conduire desattaques cross-site scripting et des attaques par injection SQLhttp://www.secuobs.com/revue/news/111190.shtmlhttp://www.secuobs.com/revue/news/111190.shtml Fretsweb : Inclusion de Fichiers et Vulnérabilités d'Injection SQL2009-06-18 15:47:05 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans Fretsweb, qui pourraientêtre exploitées par des personnes malintentionnées pour divulguer desinformations sensibles potentielles ou conduire des attaques parinjection SQLhttp://www.secuobs.com/revue/news/111188.shtmlhttp://www.secuobs.com/revue/news/111188.shtml Securinfos : CAE LMS : Injection SQL et Vulnérabilités Cross-Site Scripting2009-06-18 14:15:43 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/111160.shtmlhttp://www.secuobs.com/revue/news/111160.shtml New Injection Attack Compromises More Than 40,000 Websites2009-06-18 05:47:03 - Hack In The Box : A new injection attack that redirects users' Web search queries is in thewild, and researchers at Websense believe it may have already affectedmore than 40,000 sites In a blog posted yesterday, Websenseresearchers indicated that more than 40,000 legitimate sites have beencompromised with "obfuscated code that leads to a multilevelredirection attack, ending in a series of drive-by exploits which, ifsuccessful, install a Trojan downloader on the user's machine" Whenusers visit one of the infected sites, they are redirected through aseries of different sites owned by the attacker and brought to thefinal landing page containing the exploit code, the researchers sayThe final landing page records the visitor's IP addresshttp://www.secuobs.com/revue/news/111088.shtmlhttp://www.secuobs.com/revue/news/111088.shtml Nine-Ball mass injection attack compromised 40,000 sites2009-06-18 01:01:39 - Latest articles from SC Magazine US : A new threat dubbed "Nine-Ball" has compromised up to 40,000 legitimatewebsites that are now infecting users with an information-stealingtrojan, according to security vendor WebsenseIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/110963.shtmlhttp://www.secuobs.com/revue/news/110963.shtml TekBase All-in-One 31 Multiple SQL Injection Vulnerabilities2009-06-17 22:40:46 - milw0rm.com : http://www.secuobs.com/revue/news/110935.shtmlhttp://www.secuobs.com/revue/news/110935.shtml FretsWeb 12 name Remote Blind SQL Injection Exploit2009-06-17 22:40:46 - milw0rm.com : http://www.secuobs.com/revue/news/110932.shtmlhttp://www.secuobs.com/revue/news/110932.shtml InfoSec: Inject Some Common Sense2009-06-17 19:39:37 - Security for the Masses : Nice read from PaulDotCom on what may be your most cost effective InfoSectool, common sense A handy addition to your security toolkit, it maysave you money and probably a lot of wasted timeand don't get mestarted on logging and aggregationall that wasted paper and drivespaceGet the tips hereIMAGEhttp://www.secuobs.com/revue/news/110838.shtmlhttp://www.secuobs.com/revue/news/110838.shtml Off the wire: 50 ways to inject your SQL2009-06-17 15:44:00 - Help Net Security News : Heres the pseudocode of a routine called ValidateQuery Its role isto take user input from a Net application and validate it to removepotential injectionhttp://www.secuobs.com/revue/news/110716.shtmlhttp://www.secuobs.com/revue/news/110716.shtml Slides SQL injection and out-of-band channeling2009-06-17 04:16:41 - SecDocs Feed : http://www.secuobs.com/revue/news/110551.shtmlhttp://www.secuobs.com/revue/news/110551.shtml Video SQL injection and out-of-band channeling2009-06-17 04:16:41 - SecDocs Feed : http://www.secuobs.com/revue/news/110550.shtmlhttp://www.secuobs.com/revue/news/110550.shtml Securinfos : iJoomla RSS Feeder cat : Vulnérabilité d'Injection SQL2009-06-17 02:29:47 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/110486.shtmlhttp://www.secuobs.com/revue/news/110486.shtml Joomla Jumi Component fileid : Vulnérabilité d'Injection SQL2009-06-17 00:01:56 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Chip D3 Bi0s a découvert une vulnérabilité dans le Jumi extensions pourJoomla, qui pourrait être exploitée par des personnes malintentionnéespour conduire des attaques SQLhttp://www.secuobs.com/revue/news/110473.shtmlhttp://www.secuobs.com/revue/news/110473.shtml iJoomla RSS Feeder cat : Vulnérabilité d'Injection SQL2009-06-17 00:01:56 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : xoron a rapporté une vulnérabilité dans le composant iJoomla RSS Feederpour Joomla, qui pourrait être exploitée par des personnesmalintentionnées pour conduire des attaques SQLhttp://www.secuobs.com/revue/news/110471.shtmlhttp://www.secuobs.com/revue/news/110471.shtml Securinfos : Joomla Jumi Component fileid : Vulnérabilité d'Injection SQL2009-06-16 22:42:07 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/110407.shtmlhttp://www.secuobs.com/revue/news/110407.shtml Securinfos : TYPO3 References Database : Vulnérabilité d'Injection SQL2009-06-16 18:51:46 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/110274.shtmlhttp://www.secuobs.com/revue/news/110274.shtml Securinfos : TYPO3 Virtual Civil Services Extension : Injection SQL2009-06-16 18:51:46 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/110272.shtmlhttp://www.secuobs.com/revue/news/110272.shtml Securinfos : TYPO3 FrontEnd MP3 Player Extension : Injection SQL2009-06-16 18:51:46 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/110270.shtmlhttp://www.secuobs.com/revue/news/110270.shtml Securinfos : Zoki Catalog search_text : Vulnérabilité d'Injection SQL2009-06-16 18:51:46 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/110268.shtmlhttp://www.secuobs.com/revue/news/110268.shtml Zoki Catalog search_text : Vulnérabilité d'Injection SQL2009-06-16 16:05:52 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : David Sopas a rapporté une vulnérabilité dans Zoki Catalog, qui pourraitêtre exploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/110229.shtmlhttp://www.secuobs.com/revue/news/110229.shtml TYPO3 References Database : Vulnérabilité d'Injection SQL2009-06-16 16:05:52 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans le Références Databaset3references extension pour TYPO3, qui pourrait être exploitée pardes personnes malintentionnées pour conduire des attaques SQLhttp://www.secuobs.com/revue/news/110227.shtmlhttp://www.secuobs.com/revue/news/110227.shtml TYPO3 FrontEnd MP3 Player Extension : Injection SQL2009-06-16 16:05:52 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans le FrontEnd MP3 Playerfe_mp3player extension pour TYPO3, qui pourrait être exploitée pardes personnes malintentionnées pour conduire des attaques SQLhttp://www.secuobs.com/revue/news/110226.shtmlhttp://www.secuobs.com/revue/news/110226.shtml TYPO3 Virtual Civil Services Extension : Injection SQL2009-06-16 16:05:52 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans le Virtual Civil Servicescivserv extension pour TYPO3, qui pourrait être exploitée par despersonnes malintentionnées pour conduire des attaques SQLhttp://www.secuobs.com/revue/news/110224.shtmlhttp://www.secuobs.com/revue/news/110224.shtml Securinfos : WordPress Photoracer Plugin id : Vulnérabilité d'Injection SQL2009-06-16 14:39:01 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/110184.shtmlhttp://www.secuobs.com/revue/news/110184.shtml phpCollegeExchange itemnr : Vulnérabilité d'Injection SQL2009-06-16 12:13:09 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : SirGod a découvert une vulnérabilité dans phpCollegeExchange, quipourrait être exploitée par des personnes malintentionnées pourconduire des attaques SQLhttp://www.secuobs.com/revue/news/110168.shtmlhttp://www.secuobs.com/revue/news/110168.shtml WordPress Photoracer Plugin id : Vulnérabilité d'Injection SQL2009-06-16 12:13:09 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Kacper a découvert une vulnérabilité dans le plugin Photoracer dansWordPress, qui pourrait être exploitée par des personnesmalintentionnées pour conduire des attaques SQLhttp://www.secuobs.com/revue/news/110167.shtmlhttp://www.secuobs.com/revue/news/110167.shtml Securinfos : phpCollegeExchange itemnr : Vulnérabilité d'Injection SQL2009-06-16 10:53:12 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/110147.shtmlhttp://www.secuobs.com/revue/news/110147.shtml Joomla Component com_ijoomla_rss Blind SQL Injection Exploit 2009-06-15 23:59:17 - milw0rm.com : http://www.secuobs.com/revue/news/110001.shtmlhttp://www.secuobs.com/revue/news/110001.shtml WordPress Plugin Photoracer 10 id SQL Injection Vulnerability2009-06-15 23:59:17 - milw0rm.com : http://www.secuobs.com/revue/news/109999.shtmlhttp://www.secuobs.com/revue/news/109999.shtml phpCollegeExchange 015c listing_viewphp itemnr SQL Injection Vuln2009-06-15 23:59:17 - milw0rm.com : http://www.secuobs.com/revue/news/109998.shtmlhttp://www.secuobs.com/revue/news/109998.shtml vBulletin Radio and TV Player Add-On HTML Injection Vulnerability2009-06-15 23:59:17 - milw0rm.com : http://www.secuobs.com/revue/news/109995.shtmlhttp://www.secuobs.com/revue/news/109995.shtml phportal v1 topiclerphp id Remote SQL Injection Vulnerability2009-06-15 23:59:17 - milw0rm.com : http://www.secuobs.com/revue/news/109994.shtmlhttp://www.secuobs.com/revue/news/109994.shtml Joomla Component com_jumi fileid Blind SQL Injection Exploit2009-06-15 23:59:17 - milw0rm.com : http://www.secuobs.com/revue/news/109992.shtmlhttp://www.secuobs.com/revue/news/109992.shtml Mac OS X Code injection2009-06-15 20:49:56 - Reverse Engineering Mac OS X : While trying to reverse Little Snitch I needed to understand the conceptof Mach Ports since I suspect it’s used for communication between theuserland programs and the kernel extension and found some nicearticles/code about code injection in Mac OS X They are: Mach Starold but interesting: http://rentzschcom/mach_star/ Mach Inject andMach Override works for Intel: http://www.secuobs.com/revue/news/109910.shtmlhttp://www.secuobs.com/revue/news/109910.shtml Securinfos : Zip Store Chat indexasp : Vulnérabilité d'Injection SQL2009-06-15 16:21:47 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/109783.shtmlhttp://www.secuobs.com/revue/news/109783.shtml Zip Store Chat indexasp : Vulnérabilité d'Injection SQL2009-06-15 14:46:18 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Zip Store Chat, qui pourrait êtreexploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/109762.shtmlhttp://www.secuobs.com/revue/news/109762.shtml Securinfos : FireStats : Injection SQL et Vulnérabilités d'Inclusion de Fichiers2009-06-15 13:44:21 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/109739.shtmlhttp://www.secuobs.com/revue/news/109739.shtml FireStats : Injection SQL et Vulnérabilités d'Inclusion de Fichiers2009-06-15 12:25:20 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans le plugin FireStats pourWordPress, qui pourraient être exploitées par des personnesmalintentionnées pour conduire des attaques SQL ou pour compromettreun système vulnérablehttp://www.secuobs.com/revue/news/109718.shtmlhttp://www.secuobs.com/revue/news/109718.shtml Facebook SuperPoke App Injection Flaw2009-06-12 22:15:24 - Security for the Masses : Caught this on Social Hacking, a verified Facebook app, SuperPoke, hasinjection vulnerabilities It seems this vulnerability has beenunpatched for a long time, and the new implementation of SuperPoke hasincreased the problemRead more at Social HackingIMAGEhttp://www.secuobs.com/revue/news/109196.shtmlhttp://www.secuobs.com/revue/news/109196.shtml Zip Store Chat 40/50 Auth Bypass SQL Injection Vulnerability2009-06-12 17:01:14 - milw0rm.com : http://www.secuobs.com/revue/news/109045.shtmlhttp://www.secuobs.com/revue/news/109045.shtml 4images = 177 Filter Bypass HTML Injection/XSS Vulnerability2009-06-12 17:01:14 - milw0rm.com : http://www.secuobs.com/revue/news/109044.shtmlhttp://www.secuobs.com/revue/news/109044.shtml Campus Virtual-LMS XSS/SQL Injection Multiple Remote Vulnerabilities2009-06-12 17:01:14 - milw0rm.com : http://www.secuobs.com/revue/news/109043.shtmlhttp://www.secuobs.com/revue/news/109043.shtml Iframe injection2009-06-12 16:26:32 - BadwareBusters.org Most recent topics : Hello all,I’m having a problem with an IFRAME injection I didn’t even knowthese existed until this week so I apologise for any silly noobassumptions/mistakes on my partI run a small website to showcase my photography Nothing flashy Itcontains some PHP to act as a feedreader for my blog using MagpieRSSand also to generate some random quotes in the footer It containssome javascript for Google Analytics and also Google Ads Other thanthis it’s a mix of XHTML and CSSAnyway, on with the problem Earlier this week I did an FTP uploadusing Filezilla The next day I checked my site online and noticedthat the layout was looking a bit off, there was some padding of about200px at the top of the screenMy first thought was that I’d mistyped some CSS which was messing witha height property but it actually turned out to be an IFRAME in theHTML of my index pageAfter some further reading I figured out I’d been attacked with somebadware JoySo, I did a full virus scan of my home computer using AVG, I thenchanged my FTP password to a nice strong upper case/lowercase/alpha/numeric mix and re-uploaded my site from my home computerI also made sure FIlezilla wasn’t storing my password anymore as ithad done previouslyToday another IFRAME has appearedCould one of you fine people inform me of the best way to clean up mysiteI have contacted my hosting company for help Fasthostscouk, theyhave told me they don’t deal with CSS issuesFor reference, my site is wwwambientbuzzsawcouk and the IFRAME onlyseems to be appearing on the index pageMany thanks in advance for your helphttp://www.secuobs.com/revue/news/109016.shtmlhttp://www.secuobs.com/revue/news/109016.shtml Securinfos : Sniggabo CMS id : Vulnérabilité d'Injection SQL2009-06-12 13:54:15 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/108980.shtmlhttp://www.secuobs.com/revue/news/108980.shtml Sniggabo CMS id : Vulnérabilité d'Injection SQL2009-06-12 12:31:37 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Sniggabo CMS, qui pourrait êtreexploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/108968.shtmlhttp://www.secuobs.com/revue/news/108968.shtml Sniggabo CMS articlephp id Remote SQL Injection Exploit2009-06-12 01:48:34 - milw0rm.com : http://www.secuobs.com/revue/news/108786.shtmlhttp://www.secuobs.com/revue/news/108786.shtml Yogurt 03 XSS/SQL Injection Multiple Remote Vulnerabilities2009-06-11 23:24:05 - milw0rm.com : http://www.secuobs.com/revue/news/108731.shtmlhttp://www.secuobs.com/revue/news/108731.shtml Splog = 12 Beta Multiple Remote SQL Injection Vulnerabilities2009-06-11 18:45:56 - milw0rm.com : http://www.secuobs.com/revue/news/108573.shtmlhttp://www.secuobs.com/revue/news/108573.shtml Securinfos : NfSen : Injection de Commande2009-06-11 17:58:58 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/108538.shtmlhttp://www.secuobs.com/revue/news/108538.shtml NfSen : Injection de Commande2009-06-11 16:15:10 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans NfSen, qui pourrait être exploitéepar des utilisateurs malicieux afin de compromettre un systèmevulnérablehttp://www.secuobs.com/revue/news/108512.shtmlhttp://www.secuobs.com/revue/news/108512.shtml Open Biller 01 username Blind SQL Injection Exploit2009-06-11 00:31:14 - milw0rm.com : http://www.secuobs.com/revue/news/108228.shtmlhttp://www.secuobs.com/revue/news/108228.shtml 6/10: Mal/Inject-P Drops and Executes Other Malware2009-06-10 17:49:36 - Alerts : Mal/Inject-P is a malicious program that drops and executes othermalwarehttp://www.secuobs.com/revue/news/108042.shtmlhttp://www.secuobs.com/revue/news/108042.shtml DX Studio Player 30291 Firefox plug-in Command Injection Vuln2009-06-10 17:17:03 - milw0rm.com : http://www.secuobs.com/revue/news/108028.shtmlhttp://www.secuobs.com/revue/news/108028.shtml Windows Desktop Search Indirect Script Injection2009-06-10 17:06:15 - Security Bloggers Network : Background Windows Desktop Search WDS is a popular desktop search toolreleased by Microsoft WDS indexes a large variety of files located onthe user's computer as well as network shares, if configured to do soby the user Ithttp://www.secuobs.com/revue/news/108021.shtmlhttp://www.secuobs.com/revue/news/108021.shtml sqlfury - Sql injection tool beta2009-06-10 10:42:38 - PenTestIT : sqlfury an SQL injection scanner, using blind SQL injection techniquesto extract information from a target database sqlfury sql injectiontool with simply provide web url and report will be given sqlfuryworks by appending our own SQL statements to a parameter which is notcorrectly sanitised on the server If you look at the following linehttp://www.secuobs.com/revue/news/107873.shtmlhttp://www.secuobs.com/revue/news/107873.shtml Packet Injection, WPA Attacks, Virtualization - Hak52009-06-10 07:41:55 - Hak5 Large Xvid : The gang gathers at a dive in Hoboken, NJ during their trip to NYC forthe live Diggnation and discuss wireless packet injection with airpwn,advancements in WPA-PSK attacks and of course, virtualizationhttp://www.secuobs.com/revue/news/107847.shtmlhttp://www.secuobs.com/revue/news/107847.shtml MRCGIGUY Hot Links reportphp id Remote SQL Injection Vulnerability2009-06-09 23:51:13 - milw0rm.com : http://www.secuobs.com/revue/news/107703.shtmlhttp://www.secuobs.com/revue/news/107703.shtml phpMyAdmin /scripts/setupphp PHP Code Injection Exploit2009-06-09 23:51:13 - milw0rm.com : http://www.secuobs.com/revue/news/107700.shtmlhttp://www.secuobs.com/revue/news/107700.shtml Joomla Component Akobook 23 gbid SQL Injection Vulnerability2009-06-09 21:53:50 - milw0rm.com : http://www.secuobs.com/revue/news/107642.shtmlhttp://www.secuobs.com/revue/news/107642.shtml S-CMS = 20b3 Multiple SQL Injection Vulnerabilities2009-06-09 21:53:50 - milw0rm.com : http://www.secuobs.com/revue/news/107639.shtmlhttp://www.secuobs.com/revue/news/107639.shtml S-CMS = 20b3 username Blind SQL Injection Exploit2009-06-09 21:53:50 - milw0rm.com : http://www.secuobs.com/revue/news/107638.shtmlhttp://www.secuobs.com/revue/news/107638.shtml certipost, telenet and postbe vulnerable to xss flash injection belsec2009-06-09 19:12:11 - Security Bloggers Network : on http://insecureskynetblogsbe we will be adding more informationon xsswe have found some belgian sites that are indexed as vulnerable andaren't fixed yetand we have found that even some big sites are vulnerable to amalicious link injection through their flash animationsthis means that your site can be used as a hop for a driveby downloadone rule : always use your https address in full in all of yourlinks if you want to stay in controlIMAGE IMAGE IMAGE IMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/107558.shtmlhttp://www.secuobs.com/revue/news/107558.shtml Securinfos : Virtue Book Store cid : Vulnérabilité d'Injection SQL2009-06-09 18:44:05 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107513.shtmlhttp://www.secuobs.com/revue/news/107513.shtml Securinfos : Virtue Shopping Mall cid : Vulnérabilité d'Injection SQL2009-06-09 18:44:05 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107512.shtmlhttp://www.secuobs.com/revue/news/107512.shtml Securinfos : Virtue Classifieds category : Vulnérabilité d'Injection SQL2009-06-09 18:44:05 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107511.shtmlhttp://www.secuobs.com/revue/news/107511.shtml Shop-Script Pro current_currency : Vulnérabilité d'Injection SQL2009-06-09 16:55:30 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Ams a rapporté une vulnérabilité dans Shop-Script Pro, qui pourrait êtreexploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/107482.shtmlhttp://www.secuobs.com/revue/news/107482.shtml Virtue Classifieds category : Vulnérabilité d'Injection SQL2009-06-09 16:55:30 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : OzX a rapporté une vulnérabilité dans Virtue Classifieds, qui pourraitêtre exploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/107481.shtmlhttp://www.secuobs.com/revue/news/107481.shtml Virtue Book Store cid : Vulnérabilité d'Injection SQL2009-06-09 16:55:30 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : OzX a rapporté une vulnérabilité dans Virtue Book Store, qui pourraitêtre exploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/107480.shtmlhttp://www.secuobs.com/revue/news/107480.shtml Virtue Shopping Mall cid : Vulnérabilité d'Injection SQL2009-06-09 16:55:30 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : OzX a rapporté une vulnérabilité dans Virtue Shopping Mall, qui pourraitêtre exploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/107479.shtmlhttp://www.secuobs.com/revue/news/107479.shtml Securinfos : Virtue News Manager nid : Vulnérabilité d'Injection SQL2009-06-09 16:10:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107423.shtmlhttp://www.secuobs.com/revue/news/107423.shtml Securinfos : MyCars authuserid : Vulnérabilité d'Injection SQL2009-06-09 16:10:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107421.shtmlhttp://www.secuobs.com/revue/news/107421.shtml Securinfos : Frontis source_class : Vulnérabilité d'Injection SQL2009-06-09 16:10:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107419.shtmlhttp://www.secuobs.com/revue/news/107419.shtml Securinfos : Shop-Script Pro current_currency : Vulnérabilité d'Injection SQL2009-06-09 16:10:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107414.shtmlhttp://www.secuobs.com/revue/news/107414.shtml Virtue News Manager nid : Vulnérabilité d'Injection SQL2009-06-09 14:28:30 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Snakespc a rapporté une vulnérabilité dans Virtue News Manager, quipourrait être exploitée par des personnes malintentionnées pourconduire des attaques SQLhttp://www.secuobs.com/revue/news/107393.shtmlhttp://www.secuobs.com/revue/news/107393.shtml MyCars authuserid : Vulnérabilité d'Injection SQL2009-06-09 14:28:30 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Snakespc a rapporté une vulnérabilité dans MyCars, qui pourrait êtreexploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/107392.shtmlhttp://www.secuobs.com/revue/news/107392.shtml Frontis source_class : Vulnérabilité d'Injection SQL2009-06-09 14:28:30 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Snakespc a rapporté une vulnérabilité dans Frontis, qui pourrait êtreexploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/107391.shtmlhttp://www.secuobs.com/revue/news/107391.shtml Six Steps to Stop SQL Injections2009-06-09 03:32:44 - Hack In The Box : According to IBM ISS X-Force findings, SQL injections last year becamethe most common Web-based attack technique Hackers are successfulwith these attacks largely due to poor coding practices The followingare six ways organizations can start to mitigate the risk from SQLinjectionshttp://www.secuobs.com/revue/news/107236.shtmlhttp://www.secuobs.com/revue/news/107236.shtml Joomla Component com_portafolio cid SQL injection Vulnerability2009-06-09 00:17:38 - milw0rm.com : http://www.secuobs.com/revue/news/107171.shtmlhttp://www.secuobs.com/revue/news/107171.shtml Shop Script Pro 212 Remote SQL Injection Exploit2009-06-09 00:17:38 - milw0rm.com : http://www.secuobs.com/revue/news/107170.shtmlhttp://www.secuobs.com/revue/news/107170.shtml Bonet SQL Injection Conficker2009-06-08 22:34:27 - Technicalinfo.net Blog : Nowadays most organizations are familiar with SQL Injection - even ifonly as a "critical" vulnerability that happens to get the techies hotunder the collar Most CxO's I encounter understand the significanceof the threat, even if they have no idea as to it's natureThat said, even amongst most techies, the general perception is thatSQL Injection is difficult and noisy - ie you need to understand thedatabase/table structures to successfully hack it, and the repeatedattempts to hack/enumerate the database would quickly be detectedWhich, to my mind, is a rather strange and sorry state of affairs ifthat's their argument counterpoint to investing in more advancedprotectionRegardless, the real situation concerning the threat is that botharguments or "defenses" are flawed - particularly so when youunderstand how botnet-based SQL Injection attacks occurMany people are unfamiliar with the current state of botnet-basedattacks and just how advanced they've become over the last couple ofyears So, with that in mind, I wanted to chat about the state of SQLInjection attacks launched from botnetsOlder SQL Injection BotsMid-2008 saw a number of press alerts and media stories covering theAsprox botnet at the time estimated to be between 200k-600k botagents getting updated with a new module called "msscntr32exe" whichcontained a automated SQL Injection attack kit The Asprox botnet hadgained notoriety the previous year due to its robust fast-flux commandand control CetC structure that made it an incredibly reliable spamsourceAt the time, the Asprox botnet was using the SQL Injection modulemainly for injecting new drive-by-download iframes into vulnerablewebsites - thereby helping to build a bigger botnetThe general process for Asprox and several subsequent copy-cat botnetengines was:1 Armed with a "seed" SQL vulnerability eg a known page type orURL parameter structure, the attack engine queries Google forother pages that contain the key words/structures2 A list of potentially vulnerable pages are identified within thereturned search findings3 A preformatted SQL Injection string is constructed, and theattack engine iterates through each search finding - sending theSQL Injection exploit to each page/host4 Part of the exploit string contains the content that the attackerwants to inject in to the vulnerable application database -typically an iframe containing a URL that would direct potentialdrive-by-download victims to a host that botnet operator hasprepared specially to serve Web browser exploit material andinstall bot agentsIn general, the attacks were unsophisticated Each bot agent waslargely left to its own devices to locate and attack vulnerable Webapplications, and there was no intelligent load-balancing between botagents via the CetC - so many vulnerable sites fell victim multipletimes While unsophisticated, they were quite successful - with somebotnets successfully compromising hundreds-of-thousands of vulnerableWeb applicationsBotnets agents like Conficker have been regularly updated with modulescapable of operating in this fashion and have been observed launchingthese kinds of unimaginative SQL Injection attacks Check your HTTPWeb logs for User-Agent strings such as "NV32ts" to see if someone'spointed the botnet at your Web applicationNewer SQL Injection BotsAs is so typical in botnet development, "cool" features mature andmorph really quickly While the first Asprox botnets and theirclones operated more akin to Zombie agents than bot agents, theirbotnet operators quickly added better centralized control of the SQLInjection mass attacksThe SQL Injection attacks conducted by the more advanced bot agentsor downloaded malware make better use of scripting engines andconsequently are much more versatile attack platforms A limitation ofearly generation bot SQL Injection resulted in the same vulnerable Webapplications being hit multiple times by the same botnet - betterscripting language use and more coordinated CnC overcomes thisConsider the newer twist on the attack1 The bot master conducts a Google search for Webapplications/sites potentially vulnerable to a new SQL Injectionvulnerability Typically this would be done via an open proxy orsacrificial bot agent so that the CnC doesn't give away it'sposition2 The bot master divides the list of potentially vulnerable sitesin to batches of the order 10-20 hosts and allocates thesub-list to a particular bot agent along with the specific attackstring3 The bot agent itterates its way through the batch it was givenand reports its status/success to the CnC server - whereupon it isgiven a new batch to attackIn this model, there is no duplication of effort and the botnetoperator can change the dynamics of the attack and iframe details atanystageBlind SQL InjectionGiven the pace of evolution its probable that the threat is alreadyevolving to include blind SQL Injection tooling as well With blindSQLi, the resultant enumeration or alteration of the backend databaseare not visible directly from the page's content - and the attack musteffectively "brute force" it's way through an enumeration processThe tools to conduct this class of attack have been available for acouple of years within the pentesting community - however, beyondproof-of-concept, they've never really amounted to much because it's atime consuming attack However, given the capability to batch attackprocesses to distributed bot agents and improvements in CnC managementsystems it's now become much more feasible for criminals to launchblind SQL Injection attacks against vulnerable sitesI haven't been asked to investigate any notable database hacks for awhile now so I've not seen evidence of botnets bening used in this wayto date - but from following discussions on various undergroundboards, the potential for attack hasn't been lost on the bad guys, soit's only a matter of time if not already happeningFor the timebeing though, the bad guys will probably persist withsingle string SQL Injection attacks ie send GET/POST a singlestring of SQL Injection commands to a server with an embedded iframerather than more sophisticated enumeration and data egress attacks -mainly because it's easier and there's still money to be had that wayHowever, I'd expect some of the more cutting edge botnet operators toup their game and pursue the data theft route in the later stages ofthe year - mainly because it's becoming more profitable and they'vealmost perfected their systemsIMAGEhttp://www.secuobs.com/revue/news/107142.shtmlhttp://www.secuobs.com/revue/news/107142.shtml Frontis 390124 source_class Remote SQL Injection Vulnerability2009-06-08 22:24:37 - milw0rm.com : http://www.secuobs.com/revue/news/107134.shtmlhttp://www.secuobs.com/revue/news/107134.shtml Mass Injection Attack Hits 20,000 Web Sites2009-06-08 22:15:28 - Security Bloggers Network : Websense Security Labs has detected a mass injection attack affecting20,000 web sites with malicious JavaScript that hides code redirectingusers to a site with active exploits The attack, uncovered last week,used a domain similar to the legitimate http://www.secuobs.com/revue/news/107126.shtmlhttp://www.secuobs.com/revue/news/107126.shtml Conficker, now with mass SQL injection2009-06-08 21:57:09 - IBM Internet Security Systems Frequency X Blog : Conficker, now with mass SQL injectionhttp://www.secuobs.com/revue/news/107088.shtmlhttp://www.secuobs.com/revue/news/107088.shtml Virtue Classifieds category SQL Injection Vulnerability2009-06-08 19:58:06 - milw0rm.com : http://www.secuobs.com/revue/news/107042.shtmlhttp://www.secuobs.com/revue/news/107042.shtml Virtue Book Store cid Remote SQL Injection Vulnerability2009-06-08 19:58:06 - milw0rm.com : http://www.secuobs.com/revue/news/107041.shtmlhttp://www.secuobs.com/revue/news/107041.shtml Virtue Shopping Mall cid Remote SQL Injection Vulnerability2009-06-08 19:58:06 - milw0rm.com : http://www.secuobs.com/revue/news/107040.shtmlhttp://www.secuobs.com/revue/news/107040.shtml MyCars Automotive Auth Bypass SQL Injection Vulnerability2009-06-08 17:54:27 - milw0rm.com : http://www.secuobs.com/revue/news/106992.shtmlhttp://www.secuobs.com/revue/news/106992.shtml Joomla Component com_school 14 classid SQL Injection Vulnerability2009-06-08 17:54:27 - milw0rm.com : http://www.secuobs.com/revue/news/106989.shtmlhttp://www.secuobs.com/revue/news/106989.shtml Passively Detecting SQL Injection 2009-06-08 15:05:53 - Tenable Network Security : SQL injection is a class of vulnerabilities that can plague webapplications in your environment, often with devastating consequencesThey can be difficult to detect and validate and are sometimes thecause of major data breaches This is a deadlyhttp://www.secuobs.com/revue/news/106911.shtmlhttp://www.secuobs.com/revue/news/106911.shtml Javascript injection attack - website contents altered2009-06-08 12:43:38 - BadwareBusters.org Most recent topics : Hi, i’ve been probably attacked couple of times, via JavaScriptInjection The hosting provider says its due to weak codingthe website addresses are:wwwvisititechcomcurrently, i’ve deleted the site to upload the fresh clean copy2nd site :wwwascocompkNote both websites are uploaded over a same hosting providerwhen i viewed the source code of the online site, it contained iniframe tag :iframe src=“http://hugetoplocatecn:8080/indexphp” width=153height=198 style=“visibility: hidden”I’ve removed it several times, but my site got infected againNeed guidelinehttp://www.secuobs.com/revue/news/106893.shtmlhttp://www.secuobs.com/revue/news/106893.shtml Securinfos : PeaZIP Archived Traitement du Nom de Fichier Injection de Commande2009-06-08 12:42:16 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/106888.shtmlhttp://www.secuobs.com/revue/news/106888.shtml PeaZIP Archived Traitement du Nom de Fichier Injection de Commande2009-06-08 11:03:28 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : pyrokinesis a découvert une vulnérabilité dans PeaZIP, qui pourrait êtreexploitée par des personnes malintentionnées pour compromettre unsystème vulnérablehttp://www.secuobs.com/revue/news/106878.shtmlhttp://www.secuobs.com/revue/news/106878.shtml Mass SQL-Injection Attack Hits Thousands2009-06-07 03:17:50 - Security Bloggers Network : Websense Security Labs has detected a mass injection attack affecting20,000 web sites with malicious JavaScript that hides code redirectingusers to a site with active exploits The attack, uncovered last week,used a domain similar to the legitimatehttp://www.secuobs.com/revue/news/106606.shtmlhttp://www.secuobs.com/revue/news/106606.shtml Backtrack Series 1 Cracking WEP Protection Using Deauthentication and ARP Packets Injection Video Tutorial2009-06-06 17:32:47 - SecurityTube.Net : Backtrack Series 1 Cracking WEP Protection Using Deauthentication andARP Packets Injection Video TutorialIMAGEhttp://www.secuobs.com/revue/news/106536.shtmlhttp://www.secuobs.com/revue/news/106536.shtml peazip-injecttxt2009-06-06 00:52:54 - Packet Storm Security Exploits : PeaZIP versions 261 and below compressed filename command injectionproof of concept exploithttp://www.secuobs.com/revue/news/106427.shtmlhttp://www.secuobs.com/revue/news/106427.shtml Pixelactivo 30 idx Remote SQL Injection Vulnerability2009-06-05 22:46:34 - milw0rm.com : http://www.secuobs.com/revue/news/106394.shtmlhttp://www.secuobs.com/revue/news/106394.shtml Pixelactivo 30 Auth Bypass Remote SQL Injection Vulnerability2009-06-05 22:46:34 - milw0rm.com : http://www.secuobs.com/revue/news/106393.shtmlhttp://www.secuobs.com/revue/news/106393.shtml Kjtechforce mailman b1 code SQL Injection Delete Row Vulnerability2009-06-05 22:46:34 - milw0rm.com : http://www.secuobs.com/revue/news/106392.shtmlhttp://www.secuobs.com/revue/news/106392.shtml Kjtechforce mailman b1 dest Remote Blind SQL Injection Exploit2009-06-05 22:46:34 - milw0rm.com : http://www.secuobs.com/revue/news/106391.shtmlhttp://www.secuobs.com/revue/news/106391.shtml Iron Geek: XSS, Command and SQL Injection vectors: Beyond the Form2009-06-05 21:01:32 - Rootsecure.net : Iron Geek: XSS, Command and SQL Injection vectors: Beyond the Formhttp://www.secuobs.com/revue/news/106361.shtmlhttp://www.secuobs.com/revue/news/106361.shtml PeaZIP = 261 Compressed Filename Command Injection Exploit2009-06-05 20:21:21 - milw0rm.com : http://www.secuobs.com/revue/news/106345.shtmlhttp://www.secuobs.com/revue/news/106345.shtml Securinfos : MyMiniBill orderid : Vulnérabilité d'Injection SQL2009-06-04 17:29:05 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/105847.shtmlhttp://www.secuobs.com/revue/news/105847.shtml Securinfos : Movie PHP Script anticode : Injection de Code PHP2009-06-04 17:29:05 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/105845.shtmlhttp://www.secuobs.com/revue/news/105845.shtml MyMiniBill orderid : Vulnérabilité d'Injection SQL2009-06-04 17:17:40 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans MyMiniBill, qui pourrait êtreexploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/105826.shtmlhttp://www.secuobs.com/revue/news/105826.shtml Vuln: Joomla and Mambo ‘com_mosres’ Component Multiple SQL Injection Vulnerabilities2009-06-04 16:39:25 - ReverseConnection : Joomla and Mambo ‘com_mosres’ Component Multiple SQL InjectionVulnerabilities Source: click herehttp://www.secuobs.com/revue/news/105788.shtmlhttp://www.secuobs.com/revue/news/105788.shtml Securinfos : Webottcom WebCal event_id : Vulnérabilité d'Injection SQL2009-06-04 14:26:20 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/105766.shtmlhttp://www.secuobs.com/revue/news/105766.shtml Movie PHP Script anticode : Injection de Code PHP2009-06-04 14:06:27 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Movie PHP Script, qui pourraitêtre exploitée par des personnes malintentionnées afin de compromettreun système vulnérablehttp://www.secuobs.com/revue/news/105753.shtmlhttp://www.secuobs.com/revue/news/105753.shtml XSS, Command and SQL Injection vectors: Beyond the Form2009-06-04 03:04:20 - Irongeek's Security Site : Link: XSS, Command and SQL Injection vectors: Beyond the FormWe are all familiar with XSS via a form field in a web application,but what about other vectors The article talks about using User Agentstrings, even logs, object properties and other odd alternativevectors for XSS, SQL and command injection What other vectors can youthink ofIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/105613.shtmlhttp://www.secuobs.com/revue/news/105613.shtml Supernews 26 indexphp noticia Remote SQL Injection Vulnerability2009-06-04 00:37:19 - milw0rm.com : http://www.secuobs.com/revue/news/105599.shtmlhttp://www.secuobs.com/revue/news/105599.shtml Joomla Component com_mosres Multiple SQL Injection Vulnerabilities2009-06-04 00:37:19 - milw0rm.com : http://www.secuobs.com/revue/news/105596.shtmlhttp://www.secuobs.com/revue/news/105596.shtml Webottcom WebCal event_id : Vulnérabilité d'Injection SQL2009-06-03 18:14:23 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Webottcom WebCal, qui pourraitêtre exploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/105464.shtmlhttp://www.secuobs.com/revue/news/105464.shtml My Mini Bill orderid Remote SQL Injection Vulnerability2009-06-03 18:01:37 - milw0rm.com : http://www.secuobs.com/revue/news/105459.shtmlhttp://www.secuobs.com/revue/news/105459.shtml EgyPlus 7ml = 101 Auth Bypass SQL Injection Vulnerability2009-06-03 18:01:37 - milw0rm.com : http://www.secuobs.com/revue/news/105458.shtmlhttp://www.secuobs.com/revue/news/105458.shtml Joomla Component Seminar 128 id Blind SQL Injection Exploit2009-06-03 18:01:37 - milw0rm.com : http://www.secuobs.com/revue/news/105456.shtmlhttp://www.secuobs.com/revue/news/105456.shtml Securinfos : ViciDial Asterisk GUI Client : Vulnérabilités d'Injection SQL2009-06-03 15:59:30 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/105396.shtmlhttp://www.secuobs.com/revue/news/105396.shtml Securinfos : PropertyMax Pro : Cross-Site Scripting et Injection SQL2009-06-03 15:59:30 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/105395.shtmlhttp://www.secuobs.com/revue/news/105395.shtml ViciDial Asterisk GUI Client : Vulnérabilités d'Injection SQL2009-06-03 15:51:25 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Deux vulnérabilités ont été identifiées dans Asterisk GUI client, quipourrait être exploitée par des personnes malintentionnées pourconduire des attaques SQLhttp://www.secuobs.com/revue/news/105378.shtmlhttp://www.secuobs.com/revue/news/105378.shtml PropertyMax Pro : Cross-Site Scripting et Injection SQL2009-06-03 15:51:25 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans PropertyMax Pro, quipourraient être exploitées par des personnes malintentionnées pourconduire des attaques cross-site scripting et des attaques parInjection SQLhttp://www.secuobs.com/revue/news/105377.shtmlhttp://www.secuobs.com/revue/news/105377.shtml Undetected Autorun/Injector Variant on the Loose2009-06-03 15:25:48 - Security Bloggers Network : A new variant of an Autorun worm is on the loose, probably created byanother childish and angry ex-lover The little multithreaded beastinjects into windows explorer, and attempts to communicate with one ofseveral Irc servers at JuneIRCdevilsnet,http://www.secuobs.com/revue/news/105370.shtmlhttp://www.secuobs.com/revue/news/105370.shtml Securinfos : WebEyes Guest Book mesajid : Vulnérabilité d'Injection SQL2009-06-03 13:29:59 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/105343.shtmlhttp://www.secuobs.com/revue/news/105343.shtml WebEyes Guest Book mesajid : Vulnérabilité d'Injection SQL2009-06-03 13:19:31 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans WebEyes Guest Book, qui pourraitêtre exploitée par des personnes malintentionnées pour conduire desattaques SQLhttp://www.secuobs.com/revue/news/105334.shtmlhttp://www.secuobs.com/revue/news/105334.shtml Email Injection2009-06-03 05:38:08 - Infinity Exists : Now that I finally got rid of WP-Forum, I can show you guys an EmailInjection flaw that existed in that forum An Email Injection flawoccur when a form is added to a web page that submits data to an emailapplication, and user input is not filtered properly A malicious userhttp://www.secuobs.com/revue/news/105220.shtmlhttp://www.secuobs.com/revue/news/105220.shtml