[FD] Bug in TradeWinds

2015-02-18 Thread Juan Martinez
Hi, I turn to you because I want to make public a bug, a web server called Trade Winds, by which much compromising information of internal servers exposed ... Through a Dork on google: inurl: cgi-shl / twserver.exe run?. They are vulnerable server, injecting this url: http:

[FD] weblogin software cross site request

2015-07-17 Thread Juan Martinez
Hi, People i discover a cross site request in this Dork: intitle:weblogin intext:This page will redirect you to: This cross site request is exploit like this example: http://target/Login:%20Weblogin%20%20This%20page%20will%20redirect%20you%20to%20 inject any word you want to screen in the